HTTP Headers

HTTP headers are key-value metadata pairs attached to every request and response, carrying auth tokens, content types, and caching rules.

Diagram

  GET /api/users HTTP/1.1
  Host: api.myapp.com
  Authorization: Bearer eyJhbG...
  Content-Type: application/json
  Accept: application/json

In Depth

HTTP headers are key-value pairs sent alongside the request or response body. They carry metadata — who you are, what format the data is in, caching instructions, and tracing IDs — without cluttering the payload itself.

Code Example

Common request headers in fetch

fetch('/api/users', {
  headers: {
    'Authorization': 'Bearer eyJhbGci...',
    'Content-Type': 'application/json',
    'Accept': 'application/json',
  },
});

⚠️ Common Misconception

Headers are not optional extras — many HTTP features (auth, caching, CORS, content negotiation) depend entirely on headers. Browsers and servers will reject or mis-handle requests when required headers are missing.

🌍 Real World Usage

Every JWT-authenticated API call sends `Authorization: Bearer <token>`. CDNs read `Cache-Control` headers to decide how long to cache a response.

Related Terms

http authentication jwt

← All Terms Next: API →