Hi, I am having a conceptional question.
I am trying to setup a contract between two services. A (consumer) and B(provider). To secure the communication a header is injected by a running side-container, so A actually does not know about this security header. Service B however needs this header to verify the user etc, and it is always checked before handling the requests. Where would I place setting up this header? As part of the consumer-contract? Even though the application A does not really know about it or on the provider side?
At the moment I would implement a state "user exists" or "user is authenticated" in the consumer pact and try to setup this header somehow in the provider. Is this the way to go?