If you don’t use token authentication that is!

Many of our SOAP API integration partners do not provide a valid custom user agent, which makes it very hard for us to contact these integration partners in case we encounter problems. In order to offer better support for your integrations, the following will apply:

From November 16th 2015 we require that all SOAP API requests include a valid X-EconomicAppIdentifier header. From this date we will start rejecting all requests made by your app, if you do not include this header.

This requirement only applies if you are connecting to the SOAP API with…

• Connect
• ConnectAsAdministrator
• ConnectAsAdministratorWithCustomerNumber

Please notice
For users of the “Connect” method, we strongly recommend switching to our token authentication. In SOAP this is done via the ConnectWithToken method.

Setting the X-EconomicAppIdentifier header
A valid X-EconomicAppIdentifier header uniquely identifies the integration partner and the app used. A good example of this is:

X-EconomicAppIdentifier: MyCoolIntegration/1.1 (http://example.com/MyCoolIntegration/; MyCoolIntegration@example.com) BasedOnSuperLib/1.4

It first identifies the name and version of the app, and then goes on to supply a link to where more information can be found as well as a contact email. At the end it states the name and version of the library used to access the api. This could be something like PHP-SOAP or Python-httplib.

Here’s an example code when using .NET Service Reference to consume the API:

1  
2  
3  
4  
5  
6  
7  
8

using (var operationScope = new OperationContextScope(session.InnerChannel))
{
    // Add a HTTP Header to an outgoing request
    var requestMessage = new HttpRequestMessageProperty();
    requestMessage.Headers["X-EconomicAppIdentifier"] = "MyCoolIntegration/1.1 (http://example.com/MyCoolIntegration/; MyCoolIntegration@example.com) BasedOnSuperLib/1.4";
    OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = requestMessage;
 
    session.Connect(<agreement>, <user>, <password>);
}

If you are using the SDK, you must supply the user agent in the Session class constructor. You do not need to state that you are using the SDK. The SDK will append that information itself.

Can I test that my header is correct?
Yes. We’ve added a test endpoint to SOAP that you can check against. It’s called Verify_XEconomicAppIdentifier and returns true if set up correctly. If it is not correctly set up an exception will be thrown. This is the same exception we will throw once we start enforcing the rule.

What happens if I don’t add this header?
If you use token authentication then nothing. But November 16th 2015 we will start rejecting all requests made by your app, if you do not include this header.