HTTP headers are a cornerstone of how the web works, allowing clients and servers to pass information back and forth. Headers are fundamental to how everything online works, and because most APIs utilize HTTP as transport, headers are fundamental to how APIs work as well. Even with this crucial importance of HTTP headers, they’re always hidden away for web users in the browser, and until Postman emerged, they were also hidden away from most developers, which made APIs pretty difficult to make sense of. Postman has always tried to make the inner workings of the web and APIs more visible to developers, and with the latest release of Postman we’ve taken another step in this direction by offering a live preview of all the headers that will be sent with each web and API request made using the Postman desktop client.
Gaining Greater Visibility Into Both Request and Response Headers
Headers are present in both the request and response of each API request. Historically, Postman has given you a complete view of the headers accompanying each response by listing out headers that return with each API request you make. We also gave you control over adding and defining headers that are sent with each request. The only problem is that there were additional headers being sent with each API request by Postman as part of authorization, cookies, and other auto-generated scenarios that Postman hadn’t necessarily provided visibility into. But now, with this new HTTP live preview release, we are providing you with a complete view of both the request and response headers for each API request.
Let’s take a deeper look at this new capability and how it works, shall we?
Request Header Live Preview Toggle
Most Postman users are already familiar with the Headers tab, where you can add, define, and describe the headers you wish to send along with each API request you make:
What’s different in the latest release is that right next to the title of the Headers tab you’ll find a new header preview toggle (see screenshot below) which allows you to show or hide all the other headers that will be added as part of authorization, cookies, or other HTTP or Postman-specific functionality. This gives you the ability to have a complete view of all the request headers that will accompany each API request you’re making using Postman.
Regular HTTP headers will behave as expected, but all of these auto-generated headers won’t be directly editable in the header live preview. You can go ahead and copy some of the values, but most of them will be generated at request time (or they may only be configurable as part of wherever the functionality originates, such as the authorization tab for authorization headers, cookie manager for cookies, and settings for other headers). Overall, this provides you with a new level of visibility into what headers are being passed as part of each request, with access and control over the headers that are within your realm of control.
Deeper Understanding of HTTP Headers
When working within the request header live preview, in addition to being able to see all of the headers that will be sent with each API request, you are now also able to navigate to the part of Postman where the header originated. This can help you learn about how headers are created in the first place, what they do as part of each API request, and what the possibilities are for making changes to the settings and configuration behind the creation of each request header. This gives you request-header-level control in the following four areas:
- Authorization: Depending on the type of authorization that has been configured, you’ll be made more aware of what headers are generated as part of each authorization format being used to make each API request. Read the docs on authorizing requests.
- Cookies: You’ll be given visibility into—and a link to manage—the cookie settings and configuration behind each header that is being injected as part of transactional cookies which are defined as part of each request. Read the docs on managing cookies.
- Generated headers: Postman also generates headers like the Postman-Token which help ensure that each API request made within Postman is traceable, helping make systems more observable to API developers.
- Settings: Other headers might be introduced as part of specific Postman settings that you may or may not be aware of, giving you the visibility and control into knowing they exist and how they impact each request. Read the docs on settings in Postman.
If a header is associated with any of these four areas of Postman functionality, you’re given a link to where you can learn more about managing each area; you’re also given a little information icon next to each individual request header that provides you with key information about what the header is, what it does, and a snapshot about how much control you have over changing the header for each API request.
Easier HTTP Header Troubleshooting and Debugging
The new live preview capability helps ensure that developers are more aware of which headers are present behind each API request while enabling control over how each API request will ultimately behave. This allows developers to more easily troubleshoot each API request they are making and helps to make new API requests more precise, while also cracking open existing APIs and troubleshooting why specific behaviors are occurring or not occurring.
Postman’s new HTTP header live preview capability helps further pull back the curtain on how the web works, and how APIs work (or don’t work). This helps developers be more efficient and effective in what they do while also helping educate them with hands-on, real-time header info that’s relevant to what they’re trying to accomplish in their everyday projects.