All Products
Search

This Product

    API Gateway:Configure header modification policies

    Document Center

    API Gateway:Configure header modification policies

    Last Updated:Dec 04, 2025

    You can configure a header setting policy to modify the headers in requests or responses before the requests are forwarded to destination backend services or before the responses of backend services are returned to clients. This topic describes how to configure a header setting policy for a cloud-native gateway.

    Configure a header policy

    1. Cloud-native API Gateway supports header modification policy configuration through two approaches:

      APIs outside instances

      1. Log on to the API Gateway console. In the left-side navigation pane, click Cloud-native API Gateway > API. In the top navigation bar, select a region.

      2. Click the target API. On the API details page, select an instance from the drop-down list, or select All Instances. image

      3. On the Routes tab, select the target route.

      APIs in instances

      1. Log on to the API Gateway console. In the left-side navigation pane, click Instance. In the top navigation bar, select a region.

      2. Click the target instance. In the left-side navigation pane, click API, and click the target API.

      3. On the Routes tab, select the target route.

    2. Click the Policy Configuration tab and click Enable Policy/Plug-in next to Inbound Processing or Outbound Processing.

    3. Click the Edit Header card. In the Add Policy panel, set the following parameters as needed, and click Add.

      Parameter

      Description

      Enable

      Specifies whether the gateway controls the headers in requests or responses.

      Header Type

      The header type. Valid values:

      • Request: The header setting policy takes effect for requests.

      • Response: The header setting policy takes effect for responses.

      Operation Type

      The header-related operation that you can perform on requests or responses. Valid values:

      • Add: adds a header to requests or responses.

        Note

        If the specified header already exists in a request or a response, the specified header value in this policy is concatenated to the existing header value. The values are separated by commas (,).

      • Modify: modifies a header in requests or responses.

        Note

        • If the specified header does not exist in a request or a response, the header is added to the request or response based on the header key and value specified in this rule.

        • If the specified header already exists, its value is overwritten by the specified header value in this rule.

      • Delete: removes a header from requests or responses.

      Header Key

      The name of the header in requests or responses.

      Header Value

      The value of the header in requests or responses.

    Verify the result

    In this example, a header is added to responses. The following figure shows the configuration of the policy.

    Header.png

    Run the following command to send a testing request:

    curl -I  http://121.196.XX.XX/demo/item/list       // The ingress IP address of the gateway.

    The following response is returned. The response contains the test:demo header.

    HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
content-length: 86
date: Tue, 30 Nov 2021 03:03:04 GMT
x-envoy-upstream-service-time: 4
test: demo
server: istio-envoy