Methods and apparatuses enable a service mediator to provide security proxying services to an end-user application requesting a backend service of an enterprise network. The end-user application generates a request for a service of the backend system. The request does not have sufficient security information to enable access to the backend system. The service mediator can detect that one or more items of required security information are not present in the request and injects the necessary security information into the request. The end-user application need not even have access to the security information or even be aware that security information is needed to access the service. The request having the required security information is sent to the backend to enable access to the backend service.