Skip to main content

Auditing Headers

To provide more detailed auditing in our products it is possible to use optional HTTP headers to provide information about the origination of the request made towards the API.

Since the auditing information could be displayed to users of the Walley products, we recommend only posting human readable, nonsensitive information in these headers.

Performed By​

To provide information identifying the user or person that performed the action resulting in the request towards the API, use the Walley-Performed-By HTTP header. The value posted could be any information identifying the user, e.g. a name, a username or an email.

Walley-Performed-By: firstname.lastname@walley.se

Originated From​

To provide information about the origin of the request towards the API, use the Walley-Originated-From HTTP header. The value posted could be any information identifying the origin of the request, e.g. the name of the system integrating with the API, an end user system, a company or store name.

Walley-Originated-From: Walley Checkout
Please note

Please note that using the Walley-Originated-From header without the Walley-Performed-By header can result in the SOAP username being displayed in some products. To avoid this, post an empty value in the Walley-Performed-By header instead.