0xsequence · klaidliadon · Nov 3, 2025 · Oct 28, 2025
diff --git a/rpc/access/middleware.go b/rpc/access/middleware.go
@@ -51,6 +51,10 @@ func accessKeyMiddleware(next http.Handler) http.Handler {
 		if accessKey != "" {
 			ctx = tenant.WithAccessKey(ctx, accessKey)
 		}
+		origin := r.Header.Get("origin")
+		if origin != "" {
+			ctx = tenant.WithOrigin(ctx, origin)
+		}
 		next.ServeHTTP(w, r.WithContext(ctx))
 	})
 }

diff --git a/rpc/tenant/context.go b/rpc/tenant/context.go
@@ -10,6 +10,7 @@ type contextKeyType string
 
 var (
 	accessKeyCtxKey = contextKeyType("access-key")
+	originKeyCtxKey = contextKeyType("origin")
 	tenantCtxKey    = contextKeyType("tenant-data")
 )
 
@@ -26,3 +27,12 @@ func AccessKeyFromContext(ctx context.Context) string {
 func WithAccessKey(ctx context.Context, accessKey string) context.Context {
 	return context.WithValue(ctx, accessKeyCtxKey, accessKey)
 }
+
+func OriginFromContext(ctx context.Context) string {
+	v, _ := ctx.Value(originKeyCtxKey).(string)
+	return v
+}
+
+func WithOrigin(ctx context.Context, origin string) context.Context {
+	return context.WithValue(ctx, originKeyCtxKey, origin)
+}
diff --git a/rpc/waasapi/waasapi.go b/rpc/waasapi/waasapi.go
@@ -21,10 +21,12 @@ func Context(ctx context.Context, optJwtToken ...string) context.Context {
 	waasHeader := http.Header{}
 	waasHeader.Set("Authorization", "BEARER "+jwtToken)
 
-	accessKey := tenant.AccessKeyFromContext(ctx)
-	if accessKey != "" {
+	if accessKey := tenant.AccessKeyFromContext(ctx); accessKey != "" {
 		waasHeader.Set("X-Access-Key", accessKey)
 	}
+	if origin := tenant.OriginFromContext(ctx); origin != "" {
+		waasHeader.Set("Origin", origin)
+	}
 
 	waasCtx, err := proto_wallet.WithHTTPRequestHeaders(ctx, waasHeader)
 	if err != nil {