PingAuthorize

How the server manages correlation IDs

By default, the server looks for a correlation ID header on the request and uses the value if found. This behavior integrates the server into a larger system of other servers using correlation IDs.

If a correlation ID header is not found, the server generates a new, unique correlation ID for each HTTP request.

The connection handler uses the correlation-id-request-header property to determine which request headers are correlation ID headers, as shown in the following configuration. The actual default configuration might differ.

dsconfig set-connection-handler-prop --handler-name "HTTPS Connection Handler" \
  --set correlation-id-request-header:X-Request-Id \
  --set correlation-id-request-header:X-Correlation-Id \
  --set correlation-id-request-header:Correlation-Id \
  --set correlation-id-request-header:X-Amzn-Trace-Id

If a request contains more than one of the previous correlation ID headers, the server checks the configured header names in order, and then uses the first one found.

Example: HTTP correlation ID

This example shows a SCIM 2 request with a correlation ID assigned in the response. Then the example uses that ID to locate entries in the debug trace log and the policy decision log.

First, make a SCIM 2 GET request.

The response includes a Correlation-Id header with the value c52af735-788d-4798-be3b-8d1f3c8f9d64. The ellipsis (…​) in the response indicates lines removed to keep the example brief. Because the request does not include a correlation ID, the server generates the header and value.

GET https://localhost:8443/scim/v2/Me HTTP/1.1
Accept: /
Accept-Encoding: gzip, deflate
Authorization: Bearer ...
Connection: keep-alive
Host: localhost:1443
User-Agent: HTTPie/0.9.9


HTTP/1.1 200 OK
Content-Length: 903
Content-Type: application/scim+json
Correlation-Id: c52af735-788d-4798-be3b-8d1f3c8f9d64
Date: Mon, 15 Mar 2021 15:23:06 GMT
Request-Id: 371

{
    "mail": [
        "user.0@example.com"
    ],
    "initials": [
        "AOR"
    ],
    "homePhone": [
        "+1 295 940 2750"
    ],
    "pager": [
        "+1 604 109 3407"
    ],
    "givenName": [
        "Anett"
    ],
   ...
}

Use the correlation ID to search the HTTP debug trace log for matching log records.

$ grep 'correlationID="c52af735-788d-4798-be3b-8d1f3c8f9d64"'  {pingauthorize}/logs/debug-trace

Also, use the correlation ID to search the policy decision log for matching log records.

$ grep 'correlationID="c52af735-788d-4798-be3b-8d1f3c8f9d64"'  {pingauthorize}/logs/policy-decision