Header name must be a valid HTTP token

ianr · June 4, 2020, 9:27am

Morning all.
Quick/dumb question that I cant seem to find an answer for.

I’m using Windows 10 Postman app v7.25.2, to try to hit a 3rd party api that I have no control over.
The 3rd party api needs certain header fields that begin with a colon ‘:’, eg “:authority”.

However, Postman wont let me send a request with that header since its (correctly) considered an invalid header when containing the colon. The console error is:
Error: Header name must be a valid HTTP token [":authority"]

So the question is: is there any way I can override this checking behavior in Postman to let the request through. I cannot change the 3rd party api.

I’m sure I’m not the first to hit this issue but can’t find anything here or much via google.

Thanks in adv

tonytikeasy · March 31, 2021, 2:00pm

Did you find any solution ?

ianr · April 7, 2021, 1:36pm

nope, and I guess there’s no easy answer because there’s no other replies to my post

pranavdavar · April 7, 2021, 6:14pm

Colon is an invalid character for the HTTP header as per HTTP standards given in RFC822.

There is a discussion on stack overflow regarding acceptable characters in HTTP headers.

Postman is throwing an error for header key “:authority” as it is failing the validation for the acceptable HTTP header.

Hope this helps

ianr · April 7, 2021, 6:28pm

Yep, I understand that much already. For me it would’ve been handy to have been able to override that behaviour in Postman though

technical-candidate9 · September 14, 2022, 4:57pm

The big issue here is with Pseudo-Headers that are used in http/2. They are valid in that spec for specific headers :authority being one of them. Postman does not support http/2.