Session Id

Prathibha.Mariyappa
Prathibha.Mariyappa LSEG
in DSS

1)You suggest we should attach clientSessionId HTTP header; how do you understand a “session”? Is this the time a specific token authorization is valid?

2. Note we already set a header named Authorization with value Token xxx where xxx is the value we receive from your endpoint /Authentication/RequestToken ; is this not sufficient and you want our client to send a different unique identifier?

3. Do you want to be able to identify each REST API call our REST client is doing with its own, unique request id? Then clientSessionId is not the best name - it suggests the value is the same for the duration of some session, but it will be different for each request; therefore I suggest “clientRequestId” header name.

Tagged:

Best Answer

  • Christiaan Meihsl
    Christiaan Meihsl LSEG
    Answer ✓

    @Prathibha.Mariyappa,

    Context

    When contacting customer support, you need to provide the Client-Session-Id and Request-Execution-Correlation-Id of the extraction request that had an issue.

    The Client-Session-Id is a client-side unique identifier for a "client-side unit of work". It is a value that is generated by the client, and is used to identify a request.

    Request-Execution-Correlation-Id is returned by the DSS REST API in the response header.

    The client is responsible for logging these IDs, that will be useful when failures are detected or when the response received is not satisfactory.

    See this help page for more information.

    To answer your queries:

    1) You suggest we should attach clientSessionId HTTP header; how do you understand a “session”? Is this the time a specific token authorization is valid?

    A "session" can be defined as the "set of queries that are made for a single extraction request". Each extraction request needs a new and unique Client-Session-Id. In case of doubt, just use a unique Client-Session-Id for every single call you make to the API.

    2. Note we already set a header named Authorization with value Token xxx where xxx is the value we receive from your endpoint /Authentication/RequestToken ; is this not sufficient and you want our client to send a different unique identifier?

    The token, valid 24 hours, is only for authentication. In no way does it uniquely identify an extraction request.

    The Client-Session-Id is set by the client in a separate header of a request. Example:

    Token <your_auth_token_goes_here>
    X-Client-Session-Id: 8FBAA1E1-DFF3-435C-A0CA-1C9A6C46C266
    Prefer: respond-async

    Again, it must be unique, to be able to identify that particular query or unit of work.

    3. Do you want to be able to identify each REST API call our REST client is doing with its own, unique request id? Then clientSessionId is not the best name - it suggests the value is the same for the duration of some session, but it will be different for each request; therefore I suggest “clientRequestId” header name.

    The idea is to be able to identify each extraction request a REST client is doing, using a unique ID. The name choice is debatable, but it is what it is.

Categories