Check HTTP header
Use the check-header policy to enforce that a request has a specified HTTP header. You can optionally check to see if the header has a specific value or check for a range of allowed values. If the check fails, the policy terminates request processing and returns the HTTP status code and error message specified by the policy.

Policy statement

XML
<check-header name="header name" failed-check-httpcode="code" failed-check-error-message="message" ignore-case="true">
<value>Value1</value>
<value>Value2</value>
</check-header>

Example

XML
<check-header name="Authorization" failed-check-httpcode="401" failed-check-error-message="Not authorized" ignore-case="false">
<value>f6dc69a089844cf6b2019bae6d36fac8</value>
</check-header>

Elements

Name
Description
Required
check-header
Root element.
Yes
value
Allowed HTTP header value. When multiple value elements are specified, the check is considered a success if any one of the values is a match.
No

Attributes

Name
Description
Required
Default
failed-check-error-message
Error message to return in the HTTP response body if the header doesn't exist or has an invalid value. This message must have any special characters properly escaped.
Yes
N/A
failed-check-httpcode
HTTP Status code to return if the header doesn't exist or has an invalid value.
Yes
N/A
header-name
The name of the HTTP Header to check.
Yes
N/A
ignore-case
Can be set to True or False. If set to True case is ignored when the header value is compared against the set of acceptable values.
Yes
N/A

Usage

This policy can be used in the following policy sections and scopes.
  • Policy sections: inbound, outbound
  • Policy scopes: all scopes

Example

XML
<policies>
<inbound>
<check-header name="Authorization" failed-check-httpcode="401" failed-check-error-message="Not authorized" ignore-case="false">
<value>f6dc69a089844cf6b2019bae6d36fac8</value>
</check-header>
</inbound>
</policies>

Usage

This policy can be used in the inbound policy scopes.
Questions? We're always happy to help with any issues you might have! Send us an email to [email protected] or request the demo with our sales team!
Copy link
On this page
Policy statement
Example
Elements
Attributes
Usage
Example
Usage