Fix TokenExchange sequence example in custom authorization token guide

[notdulain]

Purpose

Fix the broken TokenExchange sequence example in the "Passing a Custom Authorization Token to the Backend" documentation. The intermediate Synapse property and the original transport header both used the name Custom, so get-property('Custom') resolved to the wrong scope and the example did not exchange the token as described.

Resolves: #11155

Goals

Make the documented example work as written by giving the intermediate property a unique name (CustomValue), so readers who copy the snippet get the behavior the surrounding text describes.

Approach

Rename the intermediate property in the TokenExchange sequence from Custom to CustomValue in en/docs/api-gateway/policies/passing-a-custom-authorization-token-to-the-backend.md. This matches the fix proposed in the issue. Text-only documentation change, no behavioral or build impact.

User stories

As a reader following this guide, I want the sequence example to work when I copy it into tokenExchange.j2, so that the Custom header value is correctly promoted to the Authorization header before the request reaches the backend.

Release note

Documentation: Fixed the TokenExchange sequence example in "Passing a Custom Authorization Token to the Backend" to use a distinct intermediate property name.

Documentation

Updated file: en/docs/api-gateway/policies/passing-a-custom-authorization-token-to-the-backend.md

Training

N/A

Certification

N/A

Marketing

N/A

Automation tests

• Unit tests

  N/A (documentation-only change)

• Integration tests

  N/A (documentation-only change)

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines? N/A (documentation-only change)
• Ran FindSecurityBugs plugin and verified report? N/A
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? yes

Samples

N/A

Related PRs

N/A

Migrations (if applicable)

N/A

Test environment

N/A (text-only change)

Learning

Re-read the Synapse get-property semantics: when the second argument is omitted it looks up the default scope, so reusing the transport header name Custom for an intermediate property masked the intended value. Renaming the intermediate property to CustomValue removes the collision.

[coderabbitai]

📝 Walkthrough

Walkthrough

This change corrects a Synapse mediation sequence example in the API Gateway documentation. The TokenExchange sequence now uses a two-step property mapping instead of direct header assignment. The incoming Custom transport header is first extracted into an intermediate CustomValue property, then the Authorization header is set from this property with explicit transport scope. The Custom header is subsequently removed, maintaining the intended message flow behavior.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and accurately describes the primary change: fixing a broken TokenExchange sequence example in the custom authorization token documentation guide.
Linked Issues check	✅ Passed	The PR fully implements the correction specified in issue #11155 by renaming the intermediate property from 'Custom' to 'CustomValue', which resolves the scope collision that prevented the example from working as documented.
Out of Scope Changes check	✅ Passed	All changes are directly within scope: only the TokenExchange sequence example in the target documentation file was modified to fix the property naming issue described in the linked issue.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The pull request description is comprehensive and follows the template structure with all major sections completed appropriately for a documentation-only change.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}