sahil sahil - 2 months ago 14x
reST (reStructuredText) Question

Passing parameter in request body or request header- what is difference and pros and cons of each?

I have api that is exposed to multiple clients. They all when requesting any resource send me a "sourceId" through which i identify which client the request is coming from:

Should i accept "sourceId" in body or in headers? How would it impact in the future?

Headers make more sense as this is something that would remain static for a particular client but i can't think of a good reason as to how i can decide which parameter to send in body and which in headers?


For some HTTP methods, such as HEAD GET and DELETE, the request payload has no defined semantics and sending a payload body on a such requests might cause some existing implementations to reject the requests. For further details, check the RFC 7231, the current reference for semantics and content in HTTP/1.1.

Sending the parameter in a HTTP header should work for all HTTP methods though.

If the source identifier is an API key or it's used for authentication, it should be sent in the Authorization header. There are many APIs that define custom HTTP headers like X-API-Key or X-Source-ID. I would avoid that though.