All Products
Search
Document Center

API Gateway:Configure a header modification policy

Last Updated:Jun 23, 2026

Header modification policies let you add, update, or delete headers in requests before they reach backend services, or in responses before they are returned to clients.

Procedure

  1. Cloud-native API Gateway provides two methods to configure a header modification policy:

    APIs outside instances

    1. Log on to the API Gateway console. In the navigation pane on the left, choose API. In the top navigation bar, select a region.

    2. Click the target API. From the drop-down list, select the instance for which you want to configure the policy, or select All instances.

    3. On the Routes tab, select the target route.

    APIs within an instance

    1. Log on to the API Gateway console. In the navigation pane on the left, choose Instance. In the top navigation bar, select a region.

    2. On the Instance page, click the ID of the target gateway instance. In the navigation pane on the left, choose API, and then click the target API.

    3. On the Routes tab, select the target route.

  2. Click the Configure Policy tab, and then click Enable Policy/Plug-in under Inbound Processing or Outbound Processing.

  3. Click the Edit Header card. In the Add Policy: Edit Header panel, configure the parameters and click Add.

    Parameter

    Description

    Enable

    • Enable: Applies the header modification policy to requests and responses.

    • Disable: Does not apply the header modification policy.

    Header Type

    The header type to modify. Valid values: Request and Response.

    • Request: The policy applies to request headers.

    • Response: The policy applies to response headers.

    Operation Type

    The operation to perform on the header. Valid values: Add, Modify, and Delete.

    • Add: Adds a header to the request or response.

      Note

      If the specified header already exists, this operation appends the new header value to the existing one, separated by a comma (,).

    • Modify: Modifies a specified header in the request or response.

      Note
      • If the specified header does not exist, this operation adds a new header with the specified key and value.

      • If the specified header exists, this operation overwrites its value.

    • Delete: Deletes a specified header from the request or response.

    Header Key

    The name of the header to add, modify, or delete.

    Header Value

    The value of the header.

Verify the result

The following example adds a test:demo response header. Replace the values with your actual values.

Run the following command to test the configuration:

curl -I  http://121.196.XX.XX/demo/item/list       // Replace with your gateway's ingress IP address

The response contains the test:demo header:

HTTP/1.1 200 OK
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
content-length: 86
date: Tue, 30 Nov 2021 03:03:04 GMT
x-envoy-upstream-service-time: 4
test: demo
server: istio-envoy