X-Request-ID
The HTTP X-Request-ID header is an unofficial HTTP header carrying a unique identifier for tracing a single request across services, proxies, and log systems.
Usage
The X-Request-ID header enables end-to-end request correlation. A client or the first proxy in the chain generates a unique token and attaches the header to the request. Every service and reverse proxy in the request path preserves and forwards the identifier. The origin server logs the token and includes the same value in the response headers, allowing operators to trace a single request through distributed systems.
The header is a de facto standard across cloud platforms, API gateways, and load balancers. Nginx, HAProxy, AWS ALB, Heroku, and most API gateways support generating or forwarding X-Request-ID values. When the client does not supply a value, many infrastructure components generate one automatically.
The typical value is a UUID v4 string: 32 hexadecimal
characters arranged in five groups separated by hyphens
(8-4-4-4-12). UUID v4 is random and carries no
inherent meaning, making the header safe from a privacy
perspective. Other formats exist, but UUID v4 is the most
widely adopted convention.
API providers commonly recommend including X-Request-ID in support tickets and bug reports. The identifier links a client-side incident to the exact server-side log entries for the request, bypassing the need to correlate by timestamp or IP address.
For POST, PATCH, and PUT requests, some APIs treat the X-Request-ID as an idempotency key. Sending the same identifier on a retry signals the server to return the original response rather than processing the operation a second time.
The W3C Traceparent header provides a standardized alternative for distributed tracing with support for trace context propagation, parent-child span relationships, and sampling flags. The X-Correlation-Id header serves a similar correlation purpose under a different name.
Note
The "X-" naming convention for HTTP headers, "X" referring to "experimental", has been deprecated and needs to be transitioned to the formal naming convention for HTTP headers.
Values
UUID v4
A randomly generated universally unique identifier in the
standard 8-4-4-4-12 hexadecimal format. This is the most
common format.
X-Request-ID: 96a101dd-c49a-4fea-aee2-a76510f32190
UUID v7
UUID v7 embeds a Unix timestamp in the
first 48 bits, making identifiers sortable by
creation time while remaining globally unique. This
allows log systems to sort request IDs
chronologically without parsing timestamps from
separate fields. UUID v7 is a drop-in replacement
for UUID v4: same 8-4-4-4-12 format, same 128-bit
size.
X-Request-ID: 019473a2-b1c0-7f3a-8b2e-4d6e8f0a1c3b
Other formats
Some platforms use shorter identifiers, Base62-encoded strings, or other random token formats. The header has no formal specification, so any opaque string is valid as long as the generating system ensures uniqueness.
Example
A client sends a GET request with a UUID v4 identifier. The server logs the token and echoes the same value in the response, enabling the client to reference the exact server-side log entry.
GET /api/resource HTTP/1.1
Host: api.example.re
X-Request-ID: 7c4a8d09-ca38-4aa6-8b8e-1c3d5e84b2f0
HTTP/1.1 200 OK
Content-Type: application/json
X-Request-ID: 7c4a8d09-ca38-4aa6-8b8e-1c3d5e84b2f0
A reverse proxy generating the identifier when the client does not supply one. The proxy forwards the generated token to the backend and includes the same value in the response to the client.
X-Request-ID: req-a1b2c3d4e5f6
Takeaway
The X-Request-ID header is an unofficial but widely adopted header for correlating requests across distributed systems. The Traceparent header provides a standardized alternative with richer tracing semantics.