how to exclude csrf header from request?

[BorisWild]

I'm making api documentation for third party api, which dosn't accept X-CSRF-TOKEN header. And I've got

Access to fetch at 'https://third-party.org/api/accounts/login' from origin 'http://127.0.0.1:8000' has been blocked by CORS policy: Request header field x-csrf-token is not allowed by Access-Control-Allow-Headers in preflight response.

How can i exclude X-CSRF-TOKEN header from request?