From 38e988586f0e94c31e9aa26a90a4074360993e58 Mon Sep 17 00:00:00 2001
From: gilesb <giles.bradshaw@sigyl.com>
Date: Fri, 9 Jan 2026 17:43:19 +0000
Subject: [PATCH] Pass L1_PUBLIC_URL when verifying tokens with L2

L2 now requires L1 servers to identify themselves for authorization.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 server.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server.py b/server.py
index ea79e53..68e35aa 100644
--- a/server.py
+++ b/server.py
@@ -410,6 +410,7 @@ def _verify_token_with_l2_sync(token: str, l2_server: str) -> Optional[str]:
         resp = http_requests.post(
             f"{l2_server}/auth/verify",
             headers={"Authorization": f"Bearer {token}"},
+            json={"l1_server": L1_PUBLIC_URL},  # Identify ourselves to L2
             timeout=5
         )
         if resp.status_code == 200: