Skip to main content

Add and Remove Headers Examples

With Traffic Policy, you can add and remove headers from requests to provide more context to your upstream service or withhold sensitive information. This page demonstrates a few example rules that do so.

Enrich your upstream service

Add new headers to requests to give your upstream service more context about the consumer, which in turn allows for richer functionality, such as localized languages and pricing.

This rule adds multiple headers to the request, including the client's IP address, the endpoint ID, and the client's location.

Loading…

See the add-headers Traffic Policy action docs for more information.

Remove service details from response headers

Some frameworks, like Express, add headers like X-Powered-By: Express to responses, which you may not want to reveal to your users.

This rule removes the X-Powered-By header.

Loading…

See the remove-headers Traffic Policy action docs for more information.

Deprecate an API version

By including an X-Api-Version header in your API reference or developer documentation, you can quickly return a helpful error message, which encourages them to explore usage of the new version.

This rule:

  1. Checks the request's X-Api-Version
  2. If its value is 2, it returns a 400 Bad Request response with a custom error message
Loading…

See the custom-response Traffic Policy action docs for more information.