Cortex Client Developer Documentation

Headers

Headers

Cortex supports these standard HTTP request headers:

Header Usage
Authorization Sets the access token, which was created by the reference OAuth2 implementation.
Content-Type Sets the media-type the client application is sending.

Cortex supports setting these standard HTTP response headers:

Header Usage
Cache-Control

Sets the response's cacheability.

When a resource's max-age is set to 0, Cortex sets the following cache control header :no-cache.

When a resource's max-age is greater than 0, Cortex sets the following cache control header: private, no-transform, max-age=600

Content-Type Sets the response's media-type.
Location Sets the reference location of a newly created resource.
WWW-Authenticate Set by the reference OAuth2 implementation when an acceptable Authorization header has not been set.
Cortex supports setting these custom HTTP request headers:
Header Usage
X-Ep-User-Id Sets the identifier of the shopper. This can be used when integrating with an alternate authentication provider in a trusted environment.
X-Ep-User-Roles Sets the roles of the shopper. This can be used when integrating with an alternate authentication provider in a trusted environment.
X-Ep-User-Scopes Sets the scopes that the shopper can access. This can be used when integrating with an alternate authentication provider in a trusted environment.
X-Ep-User-Traits Sets the shopper's traits, which can personalize the responses returned to client.
X-Forwarded-Base Sets the alternate base URL for the links returned in a response. This rewrites the links base URL, which is useful when Cortex is deployed behind a proxy server.