I want to allow my webpage to be embedded into (other domains) iframes.
What specific header should I send along with the response from the server?
Is this header needed for all the resources that will be served inside the iframe (images, css,...) or just the first html page served?
You don't need any header to allow content to be shown in a frame.
x-frame-options (deprecated) and frame-ancestors in a CSP (its successor) allow you to restrict access, but framing is allowed if it is absent.