This document describes all the headers used by Orion, as defined in src/lib/rest/HttpHeaders.h.
Accept HTTP header is used in incoming HTTP requests received by Orion.
Accept HTTP header is used in the request to specify which MIME type the client accepts. Typically its value is application/json (for JSON MIME type) although some operations in the NGSIv2 API also allow text/plain.
For example in request URL if we use:
curl ... -H 'Accept: application/json'
On this request we'll get the response data in well defined JSON format.
The API response payloads in this specification are based on application/json and (for attribute value
type operation) text/plain MIME types. Clients issuing HTTP requests with accept types different
than those will get a 406 Not Acceptable error.
This header is used by both requests and responses.
Content-length HTTP header is a mandatory header in Orion responses.
It defines the length of the request and response body in bytes.
Orion Context Broker expects always a Content-Length header in all client requests, otherwise the client will receive a 411 Length Required response.
This is due to the way the underlying HTTP library (libmicrohttpd) works.
Content-Length: 34
It is used to specify the MIME type of the request or response. Typically its value is application/json (for JSON MIME type) although some operations in the NGSIv2 API also allow text/plain.
curl ... -H 'Content-Type: application/json'
This request will send data in well defined JSON format.
Orion sends a blank Expect: header in outgoing requests (notifications and forwarded queries/updates). For more details, follow general documentation of Expect HTTP header at flaviocopes.com, ietf.org and wikipedia.org.
Expect:
Orion includes this header in outgoing request (notifications and forwarded updates/queries).This header provides the port number of notification receiver.
Host: localhost:1028
Origin is used in incoming HTTP requests received by Orion. Its operation is related with CORS, see specific documentation at about CORS in the user manual.
Origin: http://www.example-social-network.com
User-Agent HTTP header is used in notifications and forwarded requests. It describes which version of Orion we are using along with its transfer library. It gives the string that identifies the user agent.
User-Agent: orion/2.2.0-next libcurl/7.29.0 (in notifications and forwarded requests)
Both headers are used in incoming HTTP requests received by Orion. X-Forwarded-For header overrides the original IP of the HTTP request as source of the transaction. X-Real-IP and X-Forwarded-For (used by a potential proxy on top of Orion) overrides IP. X-Real-IP takes preference over X-Forwarded-For, if both appear.
X-Forwarded-For: 129.78.138.66
It is an optional header used in outgoing HTTP responses sent by Orion. Its operation is related with CORS, see specific documentation about CORS in the user manual.
Access-Control-Allow-Origin: *
It is used in outgoing HTTP responses sent by Orion. Its operation is related with CORS, see specific documentation about CORS in the user manual.
Access-Control-Allow-Headers: Authorization, Content-Type, Fiware-Service, Fiware-Servicepath, Ngsiv2-AttrsFormat, Fiware-Correlator, X-Forwarded-For, X-Real-IP, X-Auth-Token
It is used in outgoing HTTP responses sent by Orion. Its operation is related with CORS, see specific documentation about CORS in the user manual.
It is used in outgoing HTTP responses sent by Orion. Its operation is related with CORS, see specific documentation about CORS in the user manual.
Access-Control-Max-Age: 86400
It is used in outgoing HTTP responses sent by Orion. Its operation is related with CORS, see specific documentation about CORS in the user manual.
Access-Control-Expose-Headers: Fiware-Correlator, Fiware-Total-Count, Location.
It is used in outgoing HTTP responses sent by Orion. When the client uses a wrong HTTP method on a given URL resources, this header is used to inform the client which methods are allowed.
Allow: GET
It is used in outgoing HTTP responses sent by Orion on subscriptions, entity creations and registrations.
Response contains a Location header which holds the subscription ID, entity ID or registration ID: a 24 digit hexadecimal number used for updating and deleting the subscription, entity or registration. We use -v in requests to get the Location header in the response.
curl -v localhost:1026/v2/subscriptions -s -S -H 'Content-Type: application/json' -d @- <<EOF
{
//payload
}
EOF
And the response that we will get:
Location: /v2/subscriptions/57458eb60962ef754e7c0998
It is used in outgoing HTTP notifications sent by Orion.
Notifications must include the Ngsiv2-AttrsFormat HTTP header with the value of the format of the associated subscription,
so that notification receivers are aware of the format without needing to infer it from the notification payload.
Note that if a custom payload is used for the notification then a value of custom is used for the Ngsiv2-AttrsFormat header
in the notification.
Ngsiv2-AttrsFormat is a non-modifiable header in custom notifications.
Any attempt of doing so (e.g. "httpCustom": { ... "headers": {"Ngsiv2-Attrsformat": "something"} ...} will be ignored.
Ngsiv2-Attrsformat: normalized
Fiware-Service is used in any kind of HTTP transaction (incoming/outcoming requests and outcoming responses) managed in Orion.
When -multiservice is used Orion includes the Fiware-Service header in the notification requests associated to subscriptions in the given tenant/service (except for the default service/tenant, in which case the header is not present). See related documentation about multitenancy in the user manual.
POST http://127.0.0.1:9977/notify
Content-Length: 725
User-Agent: orion/2.3.0
Host: 127.0.0.1:9977
Accept: application/json
Fiware-Service: t_02
Content-Type: application/json
{
...
}
Fiware-ServicePath is an optional header used in any kind of HTTP transaction (incoming/outcoming requests and outcoming responses) managed in Orion. See specific documentation about service_path in Orion API specification.
Fiware-ServicePath: /Madrid/Gardens/ParqueNorte/Parterre1
It is an optional header used in outgoing HTTP responses sent by Orion. Its operation is related with pagination, see related documentation about pagination in the user manual.
Fiware-Correlator is used in outgoing responses. It is also sent (or propagated) in notifications and forwarded queries/updates.
Fiware-Correlator is a non-modifiable header in custom notifications. Any attempt of doing so (e.g. "httpCustom": { ... "headers": {"Fiware-Correlator": "foo"} ...} will be ignored. See related documentation about logs in the admin manual.
Fiware-Correlator: 600119ce-eeaa-11e9-9e0c-080027a71049
X-Auth-Token is an optional HTTP header, which Orion received in requests and propagates transparently to other requests (notifications and forwarded queries/updated) associated with the original one. It is supposed to be used by security enforcement proxies integrated with Orion such as PEP Steelskin.
"X-Auth-Token": "fff0f4af447f4b589c835f805fe4be29"
Authorization is an optional HTTP header, which Orion received in requests and propagates transparently to other requests (notifications and forwarded queries/updated) associated with the original one. It is supposed to be used by security enforcement proxies integrated with Orion such as PEP Steelskin.
"Authorization": "Bearer fff0f4af447f4b589c835f805fe4be29"