So, the quintessential is: You need to send this "X-CDD-Token" as a header for authentication, right?
First, create an input table which contains the URL to access, (optionally) the HTTP method, and the headers (e.g. using a Table Creator):
Connect this table to HttpRetriever and open the settings. Select the url and method input columns. Go to the 'Headers' tab and add the 'X-CDD-Token' column. Voilà.
The column name has to be the same as the header key.
Now I even managed to write via POST a JSON entry. Next question is how to combine a JSON string (converted to BLOB; using FormEncodedHttpEntityCreator) AND a file (which would have to be converted to a BLOB as well, I assume). Maybe something for another thread.
Thanks for the feedback, the fact that column names make the header keys probably needs to be documented more explicitly!
And yes, feel free to open another thread for the POST. I'll be glad to assist -- if you can supply me with a sample workflow showing the scenario, even better!