diff --git a/app/Http/Middleware/AcceptHeaders.php b/app/Http/Middleware/AcceptHeaders.php
index e3cd497da4..812713f226 100644
--- a/app/Http/Middleware/AcceptHeaders.php
+++ b/app/Http/Middleware/AcceptHeaders.php
@@ -50,13 +50,19 @@ class AcceptHeaders
 throw new BadHttpHeaderException(sprintf('Accept header "%s" is not something this server can provide.', $request->header('Accept')));
 }
 // if bad 'Content-Type' header, refuse service.
- if (('POST' === $method || 'PUT' === $method) && !$request->hasHeader('Content-Type')) {
+
+ // some routes are exempt from this.
+ $exempt = [
+ 'api.v1.data.bulk.transactions'
+ ];
+
+ if (('POST' === $method || 'PUT' === $method) && !$request->hasHeader('Content-Type') && !in_array($request->route()->getName(), $exempt, true)) {
 $error = new BadHttpHeaderException('Content-Type header cannot be empty.');
 $error->statusCode = 415;
 throw $error;
 }
- if (('POST' === $method || 'PUT' === $method) && !$this->acceptsHeader($submitted, $contentTypes)) {
+ if (('POST' === $method || 'PUT' === $method) && !$this->acceptsHeader($submitted, $contentTypes) && !in_array($request->route()->getName(), $exempt, true)) {
 $error = new BadHttpHeaderException(sprintf('Content-Type cannot be "%s"', $submitted));
 $error->statusCode = 415;
diff --git a/app/Validation/Api/Data/Bulk/ValidatesBulkTransactionQuery.php b/app/Validation/Api/Data/Bulk/ValidatesBulkTransactionQuery.php
index bef98c6709..6dd7501261 100644
--- a/app/Validation/Api/Data/Bulk/ValidatesBulkTransactionQuery.php
+++ b/app/Validation/Api/Data/Bulk/ValidatesBulkTransactionQuery.php
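Review bot: The exemption is attached to both conditions, so on `api.v1.data.bulk.transactions` a POST/PUT is now accepted with any Content-Type, not only with a missing one. If that endpoint can be reached with cookie-based authentication, this removes a barrier against cross-site form posts to a bulk-update route, so the comment should state why the route is exempt and the second check should stay in force for it if the client allows. Separately, `$request->route()` can return null when no route has been matched (for example if this middleware is registered globally), and `->getName()` would then raise an error instead of the intended 415. Computing the flag once removes the duplication and the null dereference: `$isExempt = in_array($request->route()?->getName(), $exempt, true);` (PHP 8 nullsafe operator). The enclosing method starts and ends outside the hunk, so where the middleware sits in the stack is not visible here.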
@@ -33,10 +33,13 @@ trait ValidatesBulkTransactionQuery
 {
 $data = $validator->getData();
 // assumption is all validation has already taken place and the query key exists.
- $json = json_decode($data['query'], true, 8, JSON_THROW_ON_ERROR);
+ $query =$data['query'] ?? '[]';
+ $json = json_decode($query, true, 8, JSON_THROW_ON_ERROR);
- if (array_key_exists('account_id', $json['where'])
- && array_key_exists('account_id', $json['update'])
+ if (
+ array_key_exists('where', $json) &&
+ array_key_exists('update', $json) &&
+ array_key_exists('account_id', $json['where']) && array_key_exists('account_id', $json['update'])
 ) {
 // find both accounts, must be same type.
 // already validated: belongs to this user.
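Review bot: The new `array_key_exists('where', $json)` guard still assumes `$json` is an array, but `json_decode` with the associative flag returns a scalar or null for valid JSON such as `"x"` or `5`, and `where`/`update` may themselves be non-arrays. On PHP 8 those inputs make `array_key_exists` throw a TypeError instead of producing a validation error. Checking the shape first closes that gap: put `is_array($json) && is_array($json['where'] ?? null) && is_array($json['update'] ?? null)` ahead of the `account_id` tests. A `JsonException` from malformed input should be handled the same way, unless a caller outside this hunk already catches it. The context comment ("assumption is ... the query key exists") no longer matches the code now that `$data['query'] ?? '[]'` covers a missing key, and would read better as `// 'query' is client-supplied: it may be absent or malformed, so decode defensively.` The function body continues outside the hunk.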