Announcement: You can find the guides for Commerce 7.5 and later on the new Elastic Path Documentation site. The Developer Center continues to support Commerce 6.13.0 through 7.4.1.Visit new site

Headers

Headers

Cortex supports these standard HTTP request headers:

Header Usage
Authorization Sets the access token, which was created by the reference OAuth2 implementation.
Content-Type Sets the media-type the client application is sending.

Cortex supports setting these standard HTTP response headers:

Header Usage
Cache-Control

Sets the response's cacheability.

When a resource's max-age is set to 0, Cortex sets the following cache control header :no-cache.

When a resource's max-age is greater than 0, Cortex sets the following cache control header: private, no-transform, max-age=600

Content-Type Sets the response's media-type.
Location Sets the reference location of a newly created resource.
WWW-Authenticate Set by the reference OAuth2 implementation when an acceptable Authorization header has not been set.
Cortex supports setting these custom HTTP request headers:
Header Usage
X-Ep-User-Id Sets the identifier of the shopper. This can be used when integrating with an alternate authentication provider in a trusted environment.
X-Ep-User-Roles Sets the roles of the shopper. This can be used when integrating with an alternate authentication provider in a trusted environment.
X-Ep-User-Scopes Sets the scopes that the shopper can access. This can be used when integrating with an alternate authentication provider in a trusted environment.
X-Ep-User-Traits Sets the shopper's traits, which can personalize the responses returned to client.
X-Forwarded-Base Sets the alternate base URL for the links returned in a response. This rewrites the links base URL, which is useful when Cortex is deployed behind a proxy server.