What are Response Headers?
When a client (like a browser or an API testing tool) makes an HTTP request to a server, the server responds with:
- Status Line → (status code like 200 OK, 404 Not Found, etc.)
- Response Headers → Metadata about the response.
- Response Body → The actual content/data returned (like JSON, HTML, XML).
Response Headers are key–value pairs that provide additional information about the response.
Examples:
- Content-Type → format of response body (application/json, text/html, etc.).
- Content-Length → size of the response body in bytes.
- Server → server type (e.g., Apache, Nginx).
- Cache-Control → caching policies.
- Set-Cookie → cookies sent by the server.
- Date → time when the response was generated.
Why Test Response Headers in API Testing?
Testing headers is important because they:
- Ensure correct data format → e.g.,
Content-Typemust beapplication/jsonif API promises JSON.
- Security checks → headers like Strict-Transport-Security, X-Content-Type-Options, etc. help secure APIs.
- Performance checks →
Cache-Control,Expireshelp manage caching.
- Compliance checks → some APIs must include custom headers for authorization, tracking, etc.
- Troubleshooting → headers help identify server/software versions or errors.
Steps to test response headers using Rest Assured:
- Set Base URI using
RestAssured.baseURI - Send GET Request using
given().get(endpoint) - Extract Headers from the response
- Verify Specific Headers using assertions
Maven Dependency for Rest Assured
<dependencies> <dependency> <groupId>io.rest-assured</groupId> <artifactId>rest-assured</artifactId> <version>5.3.2</version> <scope>test</scope> </dependency> </dependencies>
Java Code: Get and Test Response Headers
import io.restassured.RestAssured; import io.restassured.response.Response; import io.restassured.http.Headers; import io.restassured.http.Header; public class GetResponseHeaders { public static void main(String[] args) { // Step 1: Set Base URI RestAssured.baseURI = "https://reqres.in/api"; // Step 2: Send GET request Response response = RestAssured .given() .get("/users?page=2"); // Step 3: Print all headers Headers allHeaders = response.getHeaders(); System.out.println("===== All Response Headers ====="); for (Header header : allHeaders) { System.out.println(header.getName() + ": " + header.getValue()); } // Step 4: Get a specific header String contentType = response.getHeader("Content-Type"); String server = response.getHeader("Server"); System.out.println("\nContent-Type: " + contentType); System.out.println("Server: " + server); // Step 5: Validate headers using assertions if (!"application/json; charset=utf-8".equals(contentType)) { throw new AssertionError("Expected Content-Type not found!"); } if (!"cloudflare".equalsIgnoreCase(server)) { throw new AssertionError("Expected Server header value not found!"); } System.out.println("\n Header validations passed successfully!"); } }
Code explanation:
1. Set Base URI
2. Send GET Request
3. Print all headers on console
4. Get a specific header
5. Validate headers using assertions
Output:
===== All Response Headers ===== Date: Mon, 28 Jul 2025 14:00:00 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Server: cloudflare ... Content-Type: application/json; charset=utf-8 Server: cloudflare Header validations passed successfully!
Useful Methods in Rest Assured
- response.getHeaders() – Gets all headers
- response.getHeader("Header-Name") – Gets a specific header
- response.header("Header-Name") – Alias for getHeader
- response.getHeaders() – Gets all headers
- response.getHeader("Header-Name") – Gets a specific header
- response.header("Header-Name") – Alias for getHeader
Suggested Posts:
1. Test PUT API in RestAssured
2. How to extract Response in Rest Assured by JSONPath
3. Test DELETE API in RestAssured
4. How to Test SOAP API by RestAssured
5. How to Test Basic Authentication in RestAssured