# Common Patterns

### Common Patterns & Conventions

This section explains the recurring patterns and conventions used across the Theropay API.
Understanding these will help you interact with the API more predictably and efficiently.

### Connection Requirements

### 1. Secure Connections (HTTPS)

All communication with the Theropay API **must** be encrypted via **HTTPS**.
Any requests made over HTTP will be rejected.

### 2. Content Type

For any request that sends data to the server `POST`, `PUT`, `PATCH`
you must include the following header:

| **Header Name** | **Usage** | **Value** | **Required** |
|  --- | --- | --- | --- |
| **Authorization** | Used to authenticate API requests with your API key or token. | `Bearer YOUR_API_KEY` | Yes |
| **Content-Type** | Defines the format of the request body. | `application/json` | Yes (for POST, PUT, PATCH) |
| **Accept** | Indicates the response format the client expects. | `application/json` | Recommended |
| **X-Request-ID** | A unique, client-generated identifier for request tracing. | Any unique string | No |
|  |  |  |  |