Understanding Request Header extensions for ICAP

Since the ICAP server does not communicate directly with the source of data, but rather with the ICAP client, additional information may need to be passed from client to server to more completely identify a transaction.

Because of this, Forcepoint ONE SSE will pass the following to fulfill the requirement:

X-Client-IP - source IP address: 0.0.0.0
X-Server-IP - destination IP address: 0.0.0.0
X-Subscriber-ID: email address of file owner
X-Authenticated-User: Bitglass-API://[email address of file owner]