Both methods are always mentioned, when applicable, in the specifications.
Specifying a siteaccess
One of the principles of REST is that the same resource (Content, Location, ContentType, ...) should be unique. The purpose is mostly to make it simple to cache your REST API using a reverse proxy like Varnish. If the same resource is available at multiple locations, cache purging becomes much more complex.
Due to this, we decided not to enable siteaccess matching with REST. In order to specify a siteaccess when talking to the REST API, a custom header,
X-Siteaccess, needs to be provided. If it isn't, the default one will be used:
GET / HTTP/1.1 Host: api.example.com Accept: application/vnd.ez.api.Root+json X-Siteaccess: ezdemo_site_admin