HTTP headers

The Relativity REST API requires certain fields in the HTTP header for a request:

X-CSRF-Header: The cross-site request forgery (CSRF) field must be included in requests. This field provides basic security by preventing malicious parties from scanning your REST endpoint. Set the X-CSRF-Header to any value except an empty string. Usually, you would set the header value to a dash (-) as in the following example:
```
X-CSRF-Header: -
```
Note: Don't leave this header value blank. If you omit this header field, the request fails.
Content-Type: you can set this header field to application/json. See the following sample:
```
Content-Type: application/json
```
Authorization: This header field is required if you are using basic or Active Directory authentication. See REST API authentication.
Accept-Encoding: Set this header field to gzip to automatically compress responses. Any other Accept-Encoding headers are ignored.

Additional Resources
DevHelp Community	GitHub	Release Notes	NuGet
Share knowledge with the Relativity developer community.	Access tools and resources to build an application.	Review the most recent product release notes.	Create .NET Apps faster with NuGet.