Rate this page:

Headers and cookies

Functions allow you to access and set headers and cookies on incoming requests as well as your responses, as set forth in this documentation. Any controls, management, and configuration related to your use of headers and cookies, including compliance with applicable laws, is your responsibility and outside of Twilio’s control. If you have questions about your legal obligations with respect to headers and cookies, please consult with your legal counsel.

For users of Runtime Handler 1.2.0 or later, Functions allow developers to access the HTTP Headers passed along with incoming requests. This will enable developers to take advantage of Cookies, CORS, and other features that headers enable.

What are headers?

HTTP headers are small pieces of metadata that can be passed between clients and servers as part of the request/response life-cycle. For example, a request might include headers that contain more information about the resource being fetched or the client making the request.

It is also common to pass authentication values and API Keys as headers. For example, Twilio validates its webhook requests by including the X-Twilio-Signature HTTP header in requests.

Using the following request as an example, we can see that it includes headers describing the request's metadata such as Host, Content-Type, and Content-Length. In addition, there is an Authorization header that contains an auth token for identifying the request's user.

GET /example HTTP/1.1
Authorization: 123abc
Content-Type: application/json
Content-Length: 23

  "body": "Ahoy!"

What are cookies?

Cookies are a special kind of header which are typically used to tell if requests are coming from the same client or browser. On the web, they are commonly used for tracking session management (your authentication token and/or shopping cart), enabling personalization (site theme and/or preferences), and tracking of your behavior when browsing a site.

Getting started

Header support is not available for Functions Classic. Please consider migrating to the current version of Functions if you are still using Classic.

To enable headers, you must set the @twilio/runtime-handler Dependency version to 1.2.0 or later in the Functions Editor or your project's package.json if using the Serverless Toolkit. Once you redeploy your Function, headers will be accessible in your Function code.

Update Runtime Handler to version 1.2

What's next?

Now that you have your Runtime Handler updated, you are ready to work with headers and cookies in your Functions! Explore these resources to learn more about how to work with them and what you can build.

Rate this page:

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd by visiting Twilio's Stack Overflow Collective or browsing the Twilio tag on Stack Overflow.

Loading Code Sample...

        Thank you for your feedback!

        Please select the reason(s) for your feedback. The additional information you provide helps us improve our documentation:

        Sending your feedback...
        🎉 Thank you for your feedback!
        Something went wrong. Please try again.

        Thanks for your feedback!