HTTP headers

The Relativity REST API requires a minimal number of standard fields in the HTTP header for a request. For more information about how headers are used, see Supported HTTP methods.

  • CSRF – The cross-site request forgery (CSRF) field must be included in requests and set to blank (empty string). This field provides basic security by preventing malicious parties from scanning your REST endpoint. See the following example:

    If you omit this header field, the request fails.

  • Content-Type – This header field can be set to application/json, application/json;charset/utf-8, or text/json. See the following sample:
    Content-Type: application/json
  • Authorization – This header field is required if you are using basic or Active Directory authentication. See REST API authentication.