
Headers

Headers in RESTful APIs

HTTP headers play a crucial role in RESTful APIs, providing additional information about the request or response. They convey metadata that enhances the understanding and processing of the data being transmitted.

Headers are often used for authentication, by carrying a secret token. They can also be used to request a specific format (for example, XML or JSON).

Here are some common headers used in RESTful APIs:

Common Request Headers:

Content-Type:

  • Description: Specifies the media type of the resource sent in the request.

  • Common Values:

      • application/json: Used for JSON data.
      • application/xml: Used for XML data.
      • application/x-www-form-urlencoded: Used for HTML form data.

  • Example:

Content-Type: application/json

Note: this is the header that is most often forgotten. Many APIs strictly require a Content-Type (since JSON is preferred, application/json is generally the way to go). If it is not set, you might get a 'MEDIA NOT SUPPORTED' error.

Authorization:

  • Description: Contains credentials for authenticating the client with the server.

  • Common Types:

      • Bearer Token: Used for token-based authentication.
      • Basic Authentication: Involves Base64 encoding of username and password. Base64 is a reversible encoding, not encryption.

  • Examples:

      • Bearer Token:

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

      • Basic Authentication:

Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
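
Added example (not part of the original page): the two Authorization values shown above, read back without any key, plus a helper that strips the credential before request headers are written to a log. The function names and the `AUTH_HEADERS` set are assumptions made for this illustration.

```python
import base64
import json

AUTH_HEADERS = {"authorization", "proxy-authorization"}  # assumed redaction list

def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def inspect_authorization(value: str) -> dict:
    """Return what anyone who sees the header value can read from it."""
    scheme, _, credential = value.strip().partition(" ")
    scheme, credential = scheme.lower(), credential.strip()
    if scheme == "basic":
        try:
            decoded = base64.b64decode(credential, validate=True).decode("utf-8")
        except ValueError:  # covers bad Base64 and bad UTF-8
            return {"scheme": "basic", "error": "malformed credential"}
        user, sep, password = decoded.partition(":")
        if not sep:
            return {"scheme": "basic", "error": "missing ':' separator"}
        return {"scheme": "basic", "username": user, "password": password}
    if scheme == "bearer":
        # A JWT's first dot-separated segment is plain JSON, readable by anyone.
        try:
            header = json.loads(_b64url_decode(credential.split(".")[0]))
        except ValueError:
            header = None  # opaque token: nothing to decode
        return {"scheme": "bearer", "jwt_header": header}
    return {"scheme": scheme or "none"}

def redact_headers(headers: dict) -> dict:
    """Copy of the headers that is safe to log: scheme kept, secret removed."""
    safe = {}
    for name, value in headers.items():
        if name.lower() in AUTH_HEADERS:
            scheme, sep, _ = value.strip().partition(" ")
            safe[name] = f"{scheme} [REDACTED]" if sep else "[REDACTED]"
        else:
            safe[name] = value
    return safe
```

Because both values decode this easily, send them only over HTTPS and pass headers through a redaction step like `redact_headers` before logging or sharing request traces.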

Accept:

  • Description: Informs the server about the types of media that the client can process. This is not often used for APIs, though it happens. In some cases you might need to send XML but want JSON back. This header is the way to tell the server that you want JSON as a response.

  • Common Values:

      • application/json: Indicates acceptance of JSON response.
      • application/xml: Indicates acceptance of XML response.

  • Example:

Accept: application/json

Custom Headers:

  • Description: Developers can define custom headers to convey additional information specific to their API. This can really be anything. In some cases (e.g. InRiver) you might need to set the language through a custom header.

  • Example:

X-Client-Version: 1.0

Common Response Headers:

Content-Type:

  • Description: Informs the client about the media type of the response.

  • Common Values:

      • application/json: Indicates JSON response.
      • application/xml: Indicates XML response.

  • Example:

Content-Type: application/json

Cache-Control:

  • Description: Directs how caching should be done on the client side.

  • Example:

Cache-Control: max-age=3600

Rate-Limiting Headers:

  • Description: API providers may enforce a rate limit, which means that you can only make a set number of requests in a given period (for example, every minute). A header like this is used to inform you of the number of requests you have left. Alumio can utilize this to 'pause' requests for a set time when the counter hits 0.

  • Example:

X-RateLimit-Limit: 1000

Custom Headers:

  • Description: API providers may include custom headers to provide additional information.

  • Example:

X-RateLimit-Limit: 1000