On July 10th 2015 we announced that we would require you to specify a custom HTTP Header X-EconomicAppIdentifier.
Unfortunately we didn’t see the level of compliance we had hoped for, so we moved the deadline to
Many of our SOAP API integration partners do not provide a valid custom user agent, which makes it very hard for us to contact these integration partners in case we encounter problems. In order to offer better support for your integrations, the following will apply:
Since March 15th 2016 we require that all SOAP API requests include a valid X-EconomicAppIdentifier HTTP header. From this date we’ve started rejecting requests made by your app, if you do not include this header.
This requirement only applies if you are connecting to the SOAP API with…
For users of the “Connect” method, we strongly recommend switching to our token authentication. In SOAP this is done via the ConnectWithToken method.
Please refer to our getting started guide for step-by-step guidance.
Setting the X-EconomicAppIdentifier header
A valid X-EconomicAppIdentifier header uniquely identifies the integration partner and the app used. A good example of this is:
X-EconomicAppIdentifier: MyCoolIntegration/1.1 (http://example.com/MyCoolIntegration/; MyCoolIntegration@example.com) BasedOnSuperLib/1.4
It first identifies the name and version of the app, and then goes on to supply a link to where more information can be found as well as a contact email. At the end it states the name and version of the library used to access the api. This could be something like PHP-SOAP or Python-httplib.
If you are using the SDK, the latest version requires you to supply the X-EconomicAppIdentifier string in the Session class constructor.
Note: You do not need to explicitly state that you are using the SDK (“BasedOnSuperLib/1.4” part) in your X-EconomicAppIdentifier as the SDK will append that information automatically.
Can I test that my header is correct?
Yes. We’ve added a test endpoint to SOAP that you can check against. It’s called Verify_XEconomicAppIdentifier and returns true if set up correctly. If it is not correctly set up an exception will be thrown. This is the same exception we will throw once we start enforcing the rule. This method is also available through the latest SDK version as well.
What happens if I don’t add this header?
If you use token authentication then nothing. But March 15th 2016 we will start rejecting all requests made by apps not using token authentication, if you do not include this header.