Cortex supports the following standard
HTTP request headers for authenticating a user:
Sets the access token, which was created by the reference OAuth2 implementation.
Specifies the Cortex response format used. The options are:
application/json: The responses are returned in the plain JSON format
application/hal+json: The responses are returned in the HAL (Hypertext Application Language) format
Sets the client’s language and preferred locale variant.
Cortex supports setting these custom
HTTP request headers:
Specifies the data policy segments relevant to the current customer. You can specify more than one data policy segment by separating the segments using a comma. You can view the data policies associated with a data segment by entering the data policy segment name in the
Sets the identifier of the shopper. This can be used when integrating with an alternate authentication provider in a trusted environment.
Sets the roles of the shopper. This can be used when integrating with an alternate authentication provider in a trusted environment. Multiple roles should be separated by commas.
Sets the scopes that the shopper can access. This can be used when integrating with an alternate authentication provider in a trusted environment. Multiple scopes should be separated by commas.
Sets the shopper’s traits (including language and currency) which are used to personalize the responses returned to client.
Sets the alternate base URL for the links returned in a response. This rewrites the links base URL, which is useful when Cortex is deployed behind a proxy server.
Cortex supports setting these standard
HTTP response headers:
Sets the response’s cacheability.
When a resource’s max-age is not set, Cortex sets the following cache control header:
When a resource’s max-age is greater than
0, the cache-control
max-age property is set to match. For instance, if a resource’s
max-age is set to
600, then Cortex sets the following cache control header:
Sets the response’s media-type.
Sets the reference location of a newly created resource.
Set by the reference OAuth2 implementation when an acceptable Authorization header has not been set.