As a countermeasure to prevent Cross-Site Request Forgeries (CSRF), the Ardexa API requires a CSRF token be submitted with any request that modifies data, e.g. POST.
Two cookies are provided by the API for any request:
XSRF-TOKEN. The CSRF token,
XSRF-TOKEN, must be passed as an HTTP header,
X-XSRF-TOKEN, for any POST, PUT or DELETE operation.