What are API headers?

Jump to:

What are API Headers?

API headers are like an extra source of information for each API call you make. Their job is to represent the meta-data associated with an API request and response.

If you ever encounter issues with an API, the first place you should look is the headers, since they can help you track down any potential issues. This makes them a very important part of each request.

API Headers tell you about:

  1. Request and Response Body
  2. Request Authorization
  3. Response Caching
  4. Response Cookies

Where do I see the headers in my API request?

You see headers in the message body. That’s the chunk of data that includes everything in the request or response. The headers usually come after the request line or response line.

Now, if you don’t know what those are, don’t worry. Just look for a specific format. Headers all look the same; they have an obvious format that you can spot from a mile away.

Headers are a keyvalue pair in clear-text string format separated by a colon. To see what they look like in practice, check out the example below:

{
 "key1": "value1",
 "key2": " value2",
 "key3": " value3",
}

Real headers usually don’t say key and value, though. I just used those terms for clarity. Usually, the strings used are longer and more random, like what happens when your cat sits on your keyboard because it’s warm.

But no matter how long or random a string may look, the general format remains the same: “key” : “value

To see a list of the most common header fields, click here.

Examples of API Headers

Here are some of the most common API Headers you will encounter when testing any API.

  • Authorization: Contains the authentication credentials for HTTP authentication.
  • WWW-Authenticate: The server may send this as an initial response if it needs some form of authentication before responding with the actual resource being requested. Often following this header is the response code 401, which means “unauthorized”.
  • Accept-Charset: This header is set with the request and tells the server which character sets (e.g., UTF-8, ISO-8859-1, Windows-1251, etc.) are acceptable by the client.
  • Content-Type:  Tells the client what media type (e.g., application/json, application/javascript, etc.) a response is sent in. This is an important header field that helps the client know how to process the response body correctly.
  • Cache-Control: The cache policy defined by the server for this response, a cached response can be stored by the client and re-used till the time defined by the Cache-Control header.

API Headers in action

To make API headers easier to understand, I’ll show you an example of how API headers are actually used.

Let’s use the Cat Facts API as an example.

We can use the version on RapidAPI to get the full response in JSON format. This lets us see the entire message body — headers and all.

If we test the /facts endpoint, we get the following list of headers in the response body:

As you can see, it contains important headers like Content-Type, Date, and ETag, among others, which will be very useful for uncovering the cause of any potential issues should they come up.

Sometimes, you’ll need some sort of authentication to make a request. For this, you might need an API Key, which is often provided by the server.

If the API key is listed as a header, then you’ll need to set it in the headers option of your HTTP request.

Like this:

headers: {'Authorization': '[your API key]'}

That’s if you’re coding in the first place. But with Apipheny, you can set your headers without having to code at all.

Using the Apipheny Headers feature, all you need to do to set your headers is paste in your header’s Key and Value. You can also add new rows should you need them.

What headers does this API have?

Well, I don’t know. But you can find out. You can see which headers an API has by looking inside its documentation.

The most common ones you’ll need are the headers used for authentication. These are often called the API Key and Secret, and the server will provide them early on.

Some APIs don’t need authentication, though, and you can use them right away. But if you get a 401 error after making a request, then it’s likely you need authentication.

But if you ever need to know more about a specific API, just read its documentation.

Final words

API Headers contain a wealth of information for tracking down potential issues when using any API.

Most of the time, you won’t be looking at them. But when problems arise, the headers are the first place you should look.

Import API data directly into Google Sheets

Do a lot of copy-pasting?

We used to, as well.

But it took up too much of our time.

Introducing Apipheny, a Google Sheets add-on that lets you import data directly into Google Sheets — and save up to an hour of your workday.

It lets you connect virtually any API to Google Sheets — in just a matter of seconds.

This means you can now import data directly from your favorite data sources — and finally stop switching between tabs with your fingers stuck on Ctrl + C and Ctrl + V.

Here’s Apipheny CEO & Co-Founder, Meelad, showing you just how easy it is to use the add-on.

Apipheny lets you do the following things:

  • Skip the scripting & coding part of APIs.
  • Retrieve and send data from your favorite data sources easily, using the GET and POST request features.
  • Access virtually any REST API, whether it’s JSON or CSV.
  • Get the data you need in a nice, clean, list on your spreadsheet with the JSON converter.
  • Save time by automating your API calls with the Save and Schedule features.

Try it for free. No credit card needed.

Learn more about APIs by reading these next: