When making requests to the API, certain HTTP headers ensure that communication is reliable, predictable, and compliant with web standards.
Applicative HeadersHeaders directly related to your API request content and authentication.
| Header | Purpose / Short Description |
|---|---|
| 📦 Content-Type | Indicates format of request body (e.g., JSON). |
| 🎯 Accept | Tells API which response format is expected (usually JSON). |
| 🔑 Authorization | Provides API key / token for authenticated endpoints. |
| 🛡️ Idempotency-Key | Optional; prevents duplicate operations on retry (critical for payments/payouts). |
Transport / HTTP HeadersRequired or automatically handled by the HTTP protocol. Do not modify unless you know what you are doing.
| Header | Purpose / Short Description |
|---|---|
| 🖥️ Host | Identifies the server being contacted (required by HTTP/1.1). |
| 📏 Content-Length | Size of request body in bytes (auto-calculated by client). |
| 📝 User-Agent | Identifies client software; used for monitoring/debugging. |
| 🔗 Connection | Controls if network connection remains open after request. |
Best practices
- Always send
Content-Type: application/jsonwhen including a JSON body.- Always send
Accept: application/jsonto ensure consistent responses.- Always include
Authorizationfor secured endpoints.- Use
Idempotency-Keyfor critical operations to prevent duplicates.- Let your HTTP client handle transport headers (
Host,Content-Length,Connection) automatically.- Log all request and response headers during development to simplify debugging.
🔒 Application-Level Headers (you must set them)
These headers directly affect how the API interprets your request and what it returns. You are responsible for setting them correctly.
Content-Type
Content-TypePurpose: Tells the API how to interpret the body of your request.
Most common value:
Content-Type: application/json
Why it matters
- Without it, the API may not parse your request body correctly.
- Some endpoints may still work, but unexpected issues (e.g. malformed JSON errors) can appear.
- ✅Always set this header when sending JSON bodies (e.g.
POST,PUT,PATCHrequests).
Accept
AcceptPurpose: Tells the API the format you expect in the response.
Most common value:
Accept: application/json
Why it matters
- Ensures the API returns JSON.
- Without it, the server may default to another format (rare but possible).
- ✅ Always include
Accept: application/json.
Authorization
AuthorizationPurpose: Carries your API key, token, or credentials.
Example:
Authorization: Bearer YOUR_API_KEY
Why it matters
- Required for all authenticated endpoints (all except "login").
- Without it, you will receive
401 Unauthorized.
Idempotency-Key (if supported)
Idempotency-Key (if supported)Purpose: Prevents duplicate operations (e.g. payments, payouts) when retrying a request.
Example:
Idempotency-Key: unique-string-123
Why it mattersIf your client retries due to a timeout or network issue, the API ensures the same operation is not executed twice.
⚙️ Transport-Level Headers (handled by HTTP clients)
These headers are required by the HTTP protocol itself. In almost all cases, your HTTP client (e.g. Postman, curl, axios, fetch) automatically sets them.
Host
Host- Identifies the server you are connecting to.
- Mandatory in HTTP/1.1.
Example:
Host: api.example.com⚠️ If you remove it manually, the server will likely return 400 Bad Request.
Content-Length
Content-Length- Indicates the size (in bytes) of the request body.
- Automatically calculated and added by your HTTP client when you send a body.
- Incorrect values can cause truncated or rejected requests.
- ✅ Do not set it manually unless absolutely necessary.
User-Agent
User-AgentIdentifies your client software; user for monitoring/debugging.
Example values:
PostmanRuntime/7.32.3
curl/8.1.2Some APIs use it for monitoring or debugging.
✅Keep it, or set a custom value to identify your integration.
Connection
ConnectionControls whether the network connection stays open after the request.
Example value:
Connection: keep-aliveUsually added automatically by the client. Rarely needs to be changed.