Since we use extensions authentication authorizationServer and already generate and return access_token to jsreport I thought that maybe it can be used for reverse authentication for API calls from studio.
so, do you want to reuse such access token and use it for api calls from scripts?
if you enable the extensions.express.exposeHttpHeaders to true then you can get the headers that contains the token from script.
in the script you can do this, can work with the header to extract the token from there
async function beforeRender (req, res) { // you can also log all the headers so you better understand what it is in there console.log(JSON.stringify(req.context.http.headers, null, 2 )) const authorizationHeader = req.context.http.headers.authorization console.log(authorizationHeader) // should log "Bearer xxxxxx" }