It's a generic setup where you can do _anything_ you want via firing off an HTTP request as a clone of the original, and re-handling the request after getting back the response.

Big shoutout to the Authelia team for helping out with testing and confirming that it works. Will be merged very soon (today?) and some follow-up work is coming to make the config for it even shorter (some sugar for the common forward_auth usecase).