Customizing Requests with Header Manipulation
Header manipulation is a core feature of API Gateways that allows you to modify HTTP headers on incoming requests and outgoing responses. This enables better security, routing, debugging, and interoperability between services.
By adding, modifying, or removing headers, you can:
đź› Enrich requests with additional metadata before they reach your backend.
đź”’ Enhance security by stripping sensitive headers from responses.
🚀 Enable service compatibility by adjusting headers for different upstream APIs.
🔍 What are the Benefits of Modifying Headers?​
Headers contain critical metadata that helps control authentication, caching, routing, security, and debugging. Modifying headers at the gateway level ensures consistency without requiring upstream service changes.
Key Benefits:
- Modify Requests at the Edge: Adjust headers before requests reach your services.
- Ensure API Compatibility: Add or modify headers to meet the expectations of different backends.
- Improve Security & Privacy: Strip unnecessary or sensitive headers from responses.
- Simplify Authentication & Tracing: Add authentication tokens or tracking headers for better monitoring.
- Reduce Backend Overhead: Offload header transformations from your application code.
- Enhancing Security: Remove headers like Server to hide backend details from attackers.
- Injecting Authentication Headers: Add Authorization headers for SSO, API tokens, or identity providers.
- Adding Debugging & Tracing Information: Inject X-Request-ID or Trace-Id headers for observability and monitoring.
Header Manipulation Examples​
Adding Request Headers​
The following examples will add the X-Request-Header: my-custom-value
header to requests before they are forwarded to the upstream.
- AgentEndpoint
- CloudEndpoint
- Ingress
- Gateway API
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
đź’ˇ Ingress
resources do not have native configuration for header manipulation, but they can be extended using a traffic policy.
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
1. Create an NgrokTrafficPolicy
​
Loading…
2. Use the NgrokTrafficPolicy
on an Ingress
​
Loading…
Adding Response Headers​
The following examples will add the X-Response-Header: my-custom-value
header to responses before they are sent to the clients.
- AgentEndpoint
- CloudEndpoint
- Ingress
- Gateway API
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
đź’ˇ Ingress
resources do not have native configuration for header manipulation, but they can be extended using a traffic policy.
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
1. Create an NgrokTrafficPolicy
​
Loading…
2. Use the NgrokTrafficPolicy
on an Ingress
​
Loading…
Removing Request Headers​
The following examples will remove the X-Trace-Id
header from requests before they are forwarded to the upstream if the header is present.
- AgentEndpoint
- CloudEndpoint
- Ingress
- Gateway API
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
đź’ˇ Ingress
resources do not have native configuration for header manipulation, but they can be extended using a traffic policy.
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
1. Create an NgrokTrafficPolicy
​
Loading…
2. Use the NgrokTrafficPolicy
on an Ingress
​
Loading…
Removing Response Headers​
The following examples will remove the Server
header from responses before they are sent to the clients if the header is present.
- AgentEndpoint
- CloudEndpoint
- Ingress
- Gateway API
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
Loading…
đź’ˇ Ingress
resources do not have native configuration for header manipulation, but they can be extended using a traffic policy.
Check out the add headers and remove headers traffic policy action pages for more details about how they function and the parameters they accept.
1. Create an NgrokTrafficPolicy
​
Loading…
2. Use the NgrokTrafficPolicy
on an Ingress
​
Loading…