Custom Headers
Custom headers are project-level HTTP headers that TesterArmy sends with every request to the target URL host during test runs. Use them to reach preview or staging deployments, satisfy a bypass policy, or tag TesterArmy requests so your app can recognize them.
Headers are only sent to the host of your target URL. Requests to other hosts (third-party scripts, OAuth providers) are not intercepted, so header values never leave your deployment.
Add custom headers
- Go to Project Settings → Integrations → Site Protection.
- Click Set up on the Custom Headers card.
- Add a header name and value for each header your deployment needs.
- Click Save headers.
Headers are stored encrypted and sent automatically for all test runs in that project.
Identifying TesterArmy traffic
During test runs, TesterArmy always sends an X-TesterArmy: true header with requests to the target URL host, so your app can tell TesterArmy traffic apart from real users. If you define your own custom header named X-TesterArmy, your value is sent instead.
Cloudflare Access
If your site is protected by Cloudflare Zero Trust (Access), see Cloudflare Zero Trust for setting up service tokens or a bypass policy that works together with custom headers.
