DEV Community

Shagun Bidawatka
Shagun Bidawatka

Posted on

Understanding Request and Response Headers in REST APIs

Headers play a vital role in the communication between a client and a server by providing essential information about the request or response. In this blog, we’ll dive deep into what headers are, why they matter, and some of the most commonly used headers in REST APIs.

What are HTTP Headers?

HTTP headers are key-value pairs sent in the request or response of an HTTP transaction. These headers convey information about the request or response, such as the type of data being sent, the encoding method used, authentication credentials etc.

Headers are used at both request and response time. They facilitate smooth, secure, and efficient communication between the client and server in REST APIs.

Request Headers

Contain more information about the resource to be fetched, or about the client requesting the resource.

Header Example Use Case
Authorization Authorization: Bearer Sends credentials to authenticate the client with the server.
Content-Type Content-Type: application/json Specifies the media type of the data being sent by the client.
Accept Accept: application/json Indicates the content types the client can process.
User-Agent User-Agent: Mozilla/5.0 Identifies the client software making the request.
Cache-Control Cache-Control: no-cache Directs how the request should be cached by the server or caches.
Host Host: example.com Specifies the domain name of the server the client is requesting.
Accept-Encoding Accept-Encoding: gzip, deflate Lists the encoding methods the client can handle.
Accept-Language Accept-Language: en-US Indicates the preferred languages for the response.
Referer Referer: https://example.com Provides the URL of the resource from which the request was initiated.
Origin Origin: https://example.com Identifies the origin of the request, especially for CORS.

Response Headers

Hold additional information about the response, like its location or about the server providing it.

Header Example Use Case
Content-Type application/json Indicates the media type of the resource in the response body.
Cache-Control max-age=3600 Defines caching directives for the client and intermediate caches.
Location /new-resource Indicates the URL to redirect a client to another resource.
Set-Cookie sessionId=abc123 Sends cookies from the server to the client for session management.
WWW-Authenticate Basic realm="Resource" Defines the authentication method for accessing a resource.
Content-Encoding gzip Specifies the encoding method used on the response data.
Content-Length 348 Indicates the size of the response body in bytes.
Expires Wed, 21 Oct 2024 Gives the date/time after which the response is considered stale.
ETag "34a64d..." Provides a unique identifier for a specific version of a resource.
Last-Modified Tue, 15 Nov 2023 Indicates the date and time the resource was last modified.

Conclusion

Understanding and properly using request and response headers is fundamental to building REST APIs. These headers give information about security, authentication, caching, content negotiation, and API usability.

Top comments (0)