diff --git a/Classes/Controller/SessionController.php b/Classes/Controller/SessionController.php
index 0469753..3e7bb12 100644
--- a/Classes/Controller/SessionController.php
+++ b/Classes/Controller/SessionController.php
@@ -85,13 +85,14 @@ public function createAction(Request $request): Response
         }
 
         $response->setStatusCode($statusCode);
+        $response->headers->set('Content-Type', 'application/json');
         $response->setContent(json_encode($responseContent, JSON_NUMERIC_CHECK | JSON_PRETTY_PRINT));
 
         return $response;
     }
 
     /**
-     * Validated the request. If is it not valid, sets a status code and a response content.
+     * Validates the request. If is it not valid, sets a status code and a response.
      *
      * @param string $rawRequestContent
      * @param Response $response
@@ -130,6 +131,7 @@ private function validateCreateRequest(string $rawRequestContent, Response $resp
 
         if (!$isValid) {
             $response->setStatusCode(400);
+            $response->headers->set('Content-Type', 'application/json');
             $response->setContent(json_encode($responseContent, JSON_NUMERIC_CHECK | JSON_PRETTY_PRINT));
         }
 
diff --git a/Tests/Integration/Controller/SessionControllerTest.php b/Tests/Integration/Controller/SessionControllerTest.php
index 204f6d0..d0af1ce 100644
--- a/Tests/Integration/Controller/SessionControllerTest.php
+++ b/Tests/Integration/Controller/SessionControllerTest.php
@@ -60,10 +60,11 @@ public function postSessionsWithNoJsonReturnsError400()
     {
         $this->client->request('post', '/api/v2/sessions');
 
-        $responseContent = $this->client->getResponse()->getContent();
-        $parsedResponseContent = json_decode($responseContent, true);
+        $response = $this->client->getResponse();
+        $parsedResponseContent = json_decode($response->getContent(), true);
 
-        self::assertSame(400, $this->client->getResponse()->getStatusCode());
+        self::assertContains('application/json', (string)($response->headers));
+        self::assertSame(400, $response->getStatusCode());
         self::assertSame(
             [
                 'code' => 1500559729794,
@@ -81,10 +82,11 @@ public function postSessionsWithInvalidJsonReturnsError400()
     {
         $this->client->request('post', '/api/v2/sessions', [], [], [], 'Here be dragons, but no JSON.');
 
-        $responseContent = $this->client->getResponse()->getContent();
-        $parsedResponseContent = json_decode($responseContent, true);
+        $response = $this->client->getResponse();
+        $parsedResponseContent = json_decode($response->getContent(), true);
 
-        self::assertSame(400, $this->client->getResponse()->getStatusCode());
+        self::assertContains('application/json', (string)($response->headers));
+        self::assertSame(400, $response->getStatusCode());
         self::assertSame(
             [
                 'code' => 1500562402438,
@@ -116,10 +118,11 @@ public function postSessionsWithValidIncompleteJsonReturnsError400(string $jsonD
     {
         $this->client->request('post', '/api/v2/sessions', [], [], [], $jsonData);
 
-        $responseContent = $this->client->getResponse()->getContent();
-        $parsedResponseContent = json_decode($responseContent, true);
+        $response = $this->client->getResponse();
+        $parsedResponseContent = json_decode($response->getContent(), true);
 
-        self::assertSame(400, $this->client->getResponse()->getStatusCode());
+        self::assertContains('application/json', (string)($response->headers));
+        self::assertSame(400, $response->getStatusCode());
         self::assertSame(
             [
                 'code' => 1500562647846,
@@ -143,11 +146,11 @@ public function postSessionsWithInvalidCredentialsReturnsNotAuthorized()
         $jsonData = ['loginName' => $loginName, 'password' => $password];
 
         $this->client->request('post', '/api/v2/sessions', [], [], [], json_encode($jsonData));
-        $responseContent = $this->client->getResponse()->getContent();
+        $response = $this->client->getResponse();
+        $parsedResponseContent = json_decode($response->getContent(), true);
 
-        $parsedResponseContent = json_decode($responseContent, true);
-
-        self::assertSame(401, $this->client->getResponse()->getStatusCode());
+        self::assertContains('application/json', (string)($response->headers));
+        self::assertSame(401, $response->getStatusCode());
         self::assertSame(
             [
                 'code' => 1500567098798,
@@ -171,9 +174,10 @@ public function postSessionsActionWithValidCredentialsReturnsCreatedHttpStatus()
         $jsonData = ['loginName' => $loginName, 'password' => $password];
 
         $this->client->request('post', '/api/v2/sessions', [], [], [], json_encode($jsonData));
-        $responseContent = $this->client->getResponse()->getContent();
+        $response = $this->client->getResponse();
 
-        self::assertSame(201, $this->client->getResponse()->getStatusCode());
+        self::assertContains('application/json', (string)($response->headers));
+        self::assertSame(201, $response->getStatusCode());
     }
 
     /**