# Headers

> To try it out today, please contact us at <support@vgs.io>

## Working with Headers

It's often a requirement to pass the secret value as an alias inside a header or generate a new header as a requirement of a payment gateway. The example on this page shows how to manage that properly. Alternatively, the alias can also be hardcoded in the Larky code directly. This case considers two scenarios together.

### Larky code sample

The code sample below demonstrates how to:

* Read from / write into the header
* Add/delete the header
* Reveal of `secret` value
* Manage the case if the header is absent

```python
load('@stdlib/json', 'json')
load("@vgs//vault", "vault")

def process(input, ctx):
    headers = input.headers

    # careful reading
    alias = 'tok_sandbox_vvLyaGWnxm5msxd8Zh3QS1' # hardcoded value
    if 'secret' in headers:
        # removing old header
        alias = headers.pop('secret')

    # reveal of the key
    key = vault.reveal(alias)

    # adding new header
    input.headers['Authorization'] = 'Bearer ' + key

    return input
```

### Testing

Request to send:

```bash
curl {VAULT_URL}/post \
  -H 'Content-Type: application/json' \
  -H 'Secret: tok_sandbox_vvLyaGWnxm5msxd8Zh3QS1' \
  -d '{ }'
```

Response example:

```json
"headers": {
    "Accept": "*/*",
    "Authorization": "Bearer FNfcatCkg5yqh5mPBEwuxbbVFNfcatCkg5yqh5mPBEwuxbbV",
    "B3": "00082402568a56f59a3f94f2d26a42f2-0d80d440d9aef470-1",
    "Connection": "close",
    "Content-Length": "3",
    "Content-Type": "application/json",
    "Host": "echo.apps.verygood.systems",
    "User-Agent": "curl/7.77.0",
    "Vgs-Request-Id": "00082402568a56f59a3f94f2d26a42f2",
    "Vgs-Tenant": "{VAULT_ID}",
    "X-Amzn-Trace-Id": "Root=1-6238ba7c-15b8bce65d777a053529f0f0",
    "X-B3-Sampled": "1",
    "X-B3-Spanid": "2c388296d74386cb",
    "X-B3-Traceid": "dbe5bffd53fb6537b2e4c49bc3c31c81",
    "X-Forwarded-Host": "{VAULT_ID}.sandbox.verygoodproxy.com"
  }
```

### Useful links

* [YAML file export/import](https://github.com/verygoodsecurity/docs-content-vault/blob/update-content/docs/features/yaml/README.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.verygoodsecurity.com/vault/developer-tools/larky/code-examples/headers.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.