Custom Headers

View as Markdown

Custom headers are project-level HTTP headers that TesterArmy sends with every request to the target URL host during test runs. Use them to reach preview or staging deployments, satisfy a bypass policy, or tag TesterArmy requests so your app can recognize them.

Headers are only sent to the host of your target URL. Requests to other hosts (third-party scripts, OAuth providers) are not intercepted, so header values never leave your deployment.

Add custom headers

  1. Go to Project Settings → Integrations → Site Protection.
  2. Click Set up on the Custom Headers card.
  3. Add a header name and value for each header your deployment needs.
  4. Click Save headers.

Headers are stored encrypted and sent automatically for all test runs in that project.

Identifying TesterArmy traffic

During test runs, TesterArmy always sends an X-TesterArmy: true header with requests to the target URL host, so your app can tell TesterArmy traffic apart from real users. If you define your own custom header named X-TesterArmy, your value is sent instead.

Cloudflare Access

If your site is protected by Cloudflare Zero Trust (Access), see Cloudflare Zero Trust for setting up service tokens or a bypass policy that works together with custom headers.