I'm implementing a correlation ID within my applications and would like some feedback on the design for it. The primary concern is that the correlation ID should be available for all logs.
Lets say I have a web (front-end) application which is serving pages to my users. It talks with two API's which provide data. The API's are not exposed to the user, and so all requests 'begin' in the front-end app.
The API's job is simple, they consume the correlation ID as provided in all headers from the front-end app (X-Correlation-ID) and print it in any logs.
The front-end app has to generate the ID, add it to the headers for outgoing requests, but it must also consume the ID.
My question is this: How does the front-end app store the correlation ID? My first thought was that it would modify the incoming request and add the header if it did not exist, however this would make the incoming request somewhat 'unreliable' as it is now modified. Another thought is perhaps it is stored as some kind of application global that is cleared per request.
Correlation ids i.e. ids typically attached to headers like Request-ID, X-Request-ID, X-Trace-ID, X-Correlation-ID are usually issued per request.
You seem to want to store it locally on the client though. What you describe sounds more like a “session id” that gets reset when the client “restarts”. If that's the case, you can simply use local/session storage or cookies to store and clear it when needed.
Do keep in mind that first sentence above though. Correlation ids are typically used per request. What I usually do:
That’s what heroku does for example. Same for many other services / companies.
Goes without saying, you can combine the two ids, the “session” one you refer to plus the ones generated per request to get a better view of what is going on in logs etc.