Headers and Responses


This page provides an overview of how to setup your API requests, and handle responses.  Please refer to our Quick Start Guide for details on which values to use, and how to get started.

Not sure how HTTP headers work?  This page provides a great overview.

Example request


Request headers

Sent headerDescriptionData typeOptional / Mandatory
clientThis is your client username (usually four letters long, but sometimes with additional numbers). StringMandatory
x-api-keyThis is the key used to access the APIStringMandatory
AuthorizationThis is the key used to identify your access levels and permissionsStringMandatory
api-versionIdentifies the version of the API that you are using. Please see the Quick start guide for the current version number. StringMandatory
geolocationFor many API methods, the geolocation is mandatory, so that relevant responses may be provided. For example when you use the filmShowTimes method, the API will return a list of the nearest cinemas showing the film you requested, based on the user’s geolocation. Please note that the Latitude and Longitude must be separated by a semicolon. Example 52.123;0.456Latitude and LongitudeOptional
user_idWhere you are making use of our personalisation features (eg Favourite cinemas, film wishlist), we require a user IDStringOptional
app_versionWhere you anticipate multiple versions of your app to be available simultaneously, you may wish to add your app_version to the header, which allows us to assist you with debugging specific versionsStringOptional
app_platformIdentifies the platform from which requests are sent, for example iOS, Android, Browser. This will allow us to assist you with debugging specific versions of your app.StringOptional

 Response headers

ExpiresYou can cache responses on individual clients / devices if the Expires field in the Response header shows a date/time later than the current time. If the date/time is before the current time, then you should not cache the data.

Expires –> Wed, 08 Feb 2017 16:30:00 GMT

MG-messageMovieGlu generated error message, providing guidance on possible causes of errors, or lack of data.

Response status codes

Status codeDescription
204No content available. Please see the message in the response header – MG-message field for more information.
400Bad request – Can be incorrect api-version or Authorization, but usually due to an incorrect method name, URL structure or invalid query paramater. Please see the message in the response header – MG-message field for more information.
403Forbidden – Incorrect/missing x-api-key
429Too many requests – Your quota for API requests has been exceeded. Please contact our support team.
504Gateway Time-out. Usually caused by a server issue. If this error persists for more than a few minutes, please contact our support team.

Response status messages

Status codeDescription
countNumber of results returned
stateOne of 3 states OK, Error, Warning
CodeOne of 3 codes 1 (OK), 0 (Error), 2 (Warning) these correspond to the states above and are easier to check than status types
methodThe method called to which the status applies
messageA descriptive error message, where applicable
request_methodThe HTTP method used (GET, PUT, DELETE)
versionThe version number of the requested API

Other error messages

Incorrect case used

The API names are case sensitive.  If you see this message, or similar, then check that you have used the same cases as in the documentation.
“message”: “Authorization header requires ‘Credential’ parameter. Authorization header requires ‘Signature’ parameter. Authorization header requires ‘SignedHeaders’ parameter.
For example, you will see this error message if you use GET “CinemaDetails”.  But it will work fine if you use “cinemaDetails”.