HTTP headers

The Relativity REST API requires a minimal number of standard fields in the HTTP header for a request. For more information about how headers are used, see Supported HTTP methods.

CSRF – The cross-site request forgery (CSRF) field must be included in requests. This field provides basic security by preventing malicious parties from scanning your REST endpoint.
Set the X-CSRF-Header to any value except an empty string. In general, the header value is set to a dash (-). See the following example:
```
  X-CSRF-Header: -
```
Note: Don't leave this header value blank. If you omit this header field, the request fails.
Content-Type – This header field can be set to application/json, application/json;charset/utf-8, or text/json. See the following sample:
```
  Content-Type: application/json
```
Authorization – This header field is required if you are using basic or Active Directory authentication. See REST API authentication.

Additional Resources
DevHelp Community	GitHub	Release Notes	NuGet
Share knowledge with the Relativity developer community.	Access tools and resources to build an application.	Review the most recent product release notes.	Create .NET Apps faster with NuGet.

HTTP headers

Additional Resources