Support for HTTP response headers

This pageapplies toApigee andApigee hybrid.

View Apigee Edge documentation.

This topic describes how Apigee handles HTTP/1.1 caching headers when you're using the ResponseCache policy. Apigee currently supports a subset of the HTTP/1.1 caching headers and directives (unsupported features are listed in this topic) received from backend target (origin) servers.

In addition, with certain headers Apigee takes action based on their directives. In some cases, these HTTP/1.1 cache headers override whatever behavior is specified in the ResponseCache policy. For example, if theCache-Control header is returned from a backend server, you can have the header'ss-maxage directive potentially override other expiration settings in the policy.

Note: The HTTP/1.1 specification describes standard caching headers and control mechanisms that support caching along the HTTP request/response chain. These headers and mechanisms provide information about cached resources. They also help servers determine how to manage cached data. The specification itself contains detailed information aboutcaching in HTTP. There are also many blogs, articles, and other resources available on the Internet that explain HTTP caching.Note:Using headers to influence cache keys and cache entry TTL You can have Apigee use response headers when constructing response cache keys and setting cache entry TTL. To do this, you use these flag elements of the ResponseCache policy:

<UseResponseCacheHeaders> -- When this is set totrue, Apigee will consider HTTP response headers used when setting the "time to live" (TTL) of the response in the cache. For details, see "Setting cache entry expiration" and<UseResponseCacheHeaders> in Response Cache policy.
<UseAcceptHeader> -- When this is set totrue, Apigee will use responseAccept headers to augment the cache key. For more, see<UseAcceptHeader> inResponse Cache policy.

Header	Support
Cache-Control	Supported on responses returned from backend origin servers, but not client requests. Apigee supports a subset of directives.
Expires	Supported. Can be overridden.
Entity Tags (ETags)	Specific behavior forIf-Match andIf-None-Match.
If-Modified-Since	On GET requests, header is passed to the origin server even if a valid cache entry exists.
Accept-Encoding	Apigee sends either compressed or uncompressed responses depending on the incoming headers.

Cache-Control

Apigee supports theCache-Control header only on responses returned from backend origin servers (the HTTP/1.1 spec allowsCache-Control headers in both client requests and origin server responses). Origin servers can include both target endpoints defined in an Apigee API proxy and those created using TargetServer API calls.

Cache-Control support limitations

Apigee supports a subset ofCache-Control response header capabilities defined in the HTTP/1.1 specification. Please note the following:

Apigee does not supportCache-Control headers that arrive with inbound client requests.
Apigee supports only the notion of public caches. (According to the HTTP specification,Cache-Control can either be public (shared) or private (single user).)
Apigee supports only a subset ofCache-Control response directives in the HTTP/1.1 specification. SeeSupport for Cache-Control response header directives for details.

Support for Cache-Control response header directives

Apigee supports a subset directives from the HTTP/1.1 specification on responses from origin servers. The following table describes Apigee support for HTTP Cache-Control response header directives.

For more detailed information on the directives listed here, seeCache-Control in the HTTP/1.1 specification.

Cache-Control directive	How Apigee processes the directive
`cache-extension`	Not supported.
`max-age`	If your ResponseCache policy sets the`<UseResponseCacheHeaders>` element to`true`, the response can be cached for the number of seconds specified by this directive. This directive is overridden by the`s-maxage` directive and overrides the`Expires` header. It can also be overridden by the policy's`<ExpirySettings>` element. For more, see "Setting cache entry expiration" and`<UseResponseCacheHeaders>` inResponse Cache policy. Note: Content cached with the ResponseCache policy will retain the max-age value set by its origin. This means that when retrieved from the cache, the content might be older than its max-age value suggests (older than the client knows).
`must-revalidate`	Not supported. All cache entries are deleted by Apigee as soon as they expire.
`no-cache`	Apigee caches the origin response, but it must be revalidated with the origin server before being used to satisfy any subsequent client requests. This rule allows the origin to return a 304 Not Modified response in order to indicate that the response should be returned from cache, thus saving the processing required to return the entire response. If the origin server returns a full response, it replaces the existing cache entry. Any field names specified with this directive are ignored. Note: The HTTP/1.0 header,`Pragma: no-cache` is treated as equivalent to`Cache-Control: no-cache`.
`no-store`	Not supported.
`no-transform`	Not supported.
`private`	Not supported. If this directive is received, the origin response is not cached. Any field names are ignored.
`proxy-revalidate`	Not supported. All cache entries are deleted by Apigee as soon as they expire.
`public`	Apigee caches the origin response, even when other directives indicate otherwise. Per the HTTP/1.1 specification, the only exception to this rule is if the response includes an Authorization header.
`s-maxage`	If your ResponseCache policy sets the`<UseResponseCacheHeaders>` element to`true`, the response can be cached for the number of seconds specified by this directive. This directive is overrides the`max-age` directive and the`Expires` header. It can be overridden by the policy's`<ExpirySettings>` element. For more, see "Setting cache entry expiration" and`<UseResponseCacheHeaders>` inResponse Cache policy. Note: Content cached with the ResponseCache policy will retain the s-maxage value set by its origin. This means that when retrieved from the cache, the content might be older than its s-maxage value suggests (older than the client knows).

Expires

When theUseResponseCacheHeaders flag in the ResponseCache policy is set totrue, Apigee can use theExpires header to determine the time to live (TTL) of a cached entry. This header specifies a date/time after which a response's cache entry is considered stale. This header allows servers to signal when it's okay to return a cached value based on a time stamp.

Note: TheCache-Control header directivesmax-age ands-maxage take precedence over and override theExpires header. For more, see "Setting cache entry expiration" and<UseResponseCacheHeaders> in Response Cache policy.

Acceptable date formats for theExpires header are described in the HTTP/1.1 specification. For example:

Expires: Thu, 01 Dec 1994 16:00:00 GMT

For detailed information on HTTP date/time formats, seeDate/Time Formats in the HTTP/1.1 specification.

Note: While section 14.21 of the specification indicates that anExpires value of more than one year in the future means that a cache entry never expires, Apigee interprets such a value to mean that the entry should be cached until the specified date and time.

For more information onExpires header, see Header Field Definitions in the HTTP/1.1 specification.

ETag

An entity tag (ETag) is an identifier associated with a requested resource. Using an ETag, a server can determine if the requested resource and the associated cached resource match. For example, the server could re-cache the response if it doesn't match what's currently cached. It could return the cached resource if the ETags match.

When a target endpoint sends a response back to Apigee with an ETag, Apigee caches the ETag along with the response.

You can read more about Entity Tags inProtocol Parameters in the HTTP/1.1 specification.

If-Match

With theIf-Match request header, a cached entity is current if the ETag in the header matches the cached ETag. Any requests other than GET that specify anIf-Match header are passed on to the origin server to ensure that any origin caching facilities have a chance to process the request.

You can read more aboutIf-Match inHeader Field Definitions in the HTTP/1.1 specification.

If Apigee receives an inbound GET request from a client that includes anIf-Match header:

If	Then
The`If-Match` header specifies one or more ETags	Apigee retrieves any unexpired cache entries for the specified resource and compares any strong ETags on those cached entries with those specified in the`If-Match` header. If a match is found, the cache entry is returned. If not, the request is passed to the origin server.
The`If-Match` header specifies "*"	The request is passed on to the origin server to ensure that any origin caching facilities have a chance to process the request
A cache entry with the same request URI is found, but it contains only weak ETags	The entry must be revalidated by the origin server before being returned to the client
The ETags comes from the origin server.	The ETag is returned unchanged to the client

If-None-Match

With theIf-None-Match header, a cached entity is current if the ETag in the headerdoes not match the cached ETag. Requests other than a GET that contain this header are passed to the origin server.

If Apigee receives an inbound GET request with this header:

If	Then
The`If-None-Match` header specifies one or more ETags	Apigee retrieves any unexpired cache entries for the specified URI and compares any strong ETags on those cached entries with those specified in the`If-None-Match` header. If a match is found, Apigee returns a 304 Not Modified status. If no match is found, Apigee passes the request to the origin server.
The`If-None-Match` header specifies "*" and an unexpired cached entry for the requested URI exists	Apigee returns a 304 Not Modified status
A cache entry with the same request URI is found but contains only weak ETags	The entry must be revalidated by the origin server before Apigee returns it to the client
Apigee receives an ETag from an origin server	The ETag is returned unchanged to the client

If-Modified-Since

If Apigee receives anIf-Modified-Since header in a GET request, it is passed along to the origin server even if a valid cache entry exists.

This ensures that any updates to a resource that did not pass through Apigee are accounted for. If the origin server returns a new entity, then Apigee replaces the existing cache entry with the new value. If the server returns a 304 Not Modified status, Apigee returns the response value if the cached response'sLast-Modified header indicates that it has not changed.

Accept-Encoding

When an incoming request includes the headerAccept-Encoding with values ofgzip,deflate orcompress, the origin server responds with compressed data. When subsequent requests come without theAccept-Encoding headers, they expect an uncompressed response. Apigee's response caching mechanism is capable of sending both compressed and uncompressed responses depending on the incoming headers without going back to the origin server.

You can have Accept header values appended to cache keys to make the keys more meaningful for each cached item. For more details, see "Configuring a cache key" inResponse Cache policy.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-17 UTC.

Movatterモバイル変換

Support for HTTP response headers Stay organized with collections Save and categorize content based on your preferences.