.NET HttpClient user agent
.NET's HttpClient is the standard HTTP client for .NET applications. By default it does not add a User-Agent header at all, so requests from .NET apps frequently arrive with no user agent unless the developer sets one. When set, it is a custom application string, not a fixed .NET browser token.
What this means
.NET's HttpClient (and the underlying handlers) is the standard way .NET applications make HTTP requests. Unlike some libraries, it does not attach a default User-Agent header automatically; if the developer does not set one, the request goes out with no user agent.
This is an important difference from clients like curl or python-requests, which send a recognisable default. With HttpClient, the most common signature is the absence of a user agent rather than a fixed token.
How .NET clients identify themselves
When developers do set a user agent on HttpClient, it is a custom application string they choose — there is no canonical .NET browser token to match on. Some frameworks or SDKs built on HttpClient add their own product tokens.
So to recognise .NET traffic, combine the empty-user-agent signal with other script-like characteristics: no Accept-Language, no Client Hints, no sub-resource requests, and a flat, non-interactive pattern. An empty user agent alone is ambiguous and overlaps with other minimal clients.
- Default: no User-Agent header is sent
- Custom UA, when present, is application-chosen, not a fixed token
- Recognise via empty UA plus script-like behaviour
Handling no-user-agent .NET traffic
Because a missing user agent is the common case, do not block all empty-user-agent requests reflexively — some are legitimate first-party .NET services. Identify your own services by adding a descriptive custom user agent and authentication.
For unwanted automation, rate-limit on behaviour and the empty-UA signal rather than a non-existent fixed token, and never rely on the user agent for access control.
How it appears in analytics and logs
A request from a .NET HttpClient app commonly has no User-Agent header unless one was added explicitly. An empty user agent on otherwise script-like traffic can therefore indicate a .NET (or other minimal) client rather than a browser.
Diagnostic use case
Recognise that .NET server traffic often has no user agent by default, and avoid assuming a fixed .NET token exists for matching.
What WebmasterID can help detect
WebmasterID classifies .NET HttpClient traffic as automation and handles the common no-user-agent case gracefully, so .NET integrations and scrapers appear in bot-intelligence rather than human metrics.
Common mistakes
- Expecting a fixed .NET HttpClient token to match on — there isn't one by default.
- Blocking all empty-user-agent traffic, catching legitimate .NET services.
- Counting .NET HttpClient requests as human visits.
Privacy and accuracy notes
.NET HttpClient traffic is automation identified from the user agent (or its absence) — a program, not a person. WebmasterID records it as a bot event, separate from human analytics.
Related pages
- Empty or missing user-agent strings
The User-Agent header is not mandatory, so some requests arrive with an empty string or no header at all. This usually points to a script, a misconfigured client, or an old device — not a specific identity. This page explains what a missing UA means and how to handle it without over-blocking.
- Java and OkHttp user agents
JVM HTTP clients send recognisable default user agents: Java's built-in URL connection uses a Java/version token, and the widely used OkHttp library uses an okhttp/version token. Both mark scripted or app traffic from the Java ecosystem, including many Android apps. This page covers the two patterns.
- API client user agents (Postman, etc.)
Developers exercise APIs with tools like Postman, Insomnia, and HTTPie, each of which sends a recognisable default user agent (for example a PostmanRuntime token). Seeing these means someone is testing or scripting against your API, not browsing your pages. This page covers the patterns and how to read them.
- Bot intelligence
Handle no-user-agent and custom-client traffic without guessing.
Sources and verification notes
- Microsoft — HttpClient class documentationNo default User-Agent header is added unless configured.
Last reviewed 2026-06-24. Facts are checked against primary/official sources where available; uncertain specifics are marked “Data not yet verified” rather than guessed.