# Manage Application-Defined Metadata Propagation ESS adds support for [application-defined metadata/properties](/ess/2.4/administration/application-defined-metadata.md) ; specifically, ESS adds support for [baggage HTTP header](https://www.w3.org/TR/baggage/) . These application-defined properties can be included in audit messages and log messages as well as returned as response headers. ESS further expands on this support by providing configuration to add non-baggage request headers to the baggage for propagation within its system. {% hint style="info" %} The client requests do not need to include a baggage header. If clients send only non-baggage request headers for application-defined properties (as determined by ESS configuration), ESS creates a baggage for propagation within its system. However, if a baggage request header exists, ESS adds the non-baggage requests headers (if any, as determined by ESS configuration) to the baggage, and propagates the enhanced baggage. {% endhint %} As part of its support for application-defined metadata propagation, ESS provides the following configurations to customize the propagation: {% tabs %} {% tab title="Allow Configurations" %} |

INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW
Adds specified non-baggage request headers to the baggage for propagation (unless also specified in the corresponding \*\_DENY configuration); i.e., support propagation of non-baggage headers as application-defined properties. This configuration is case-insensitive.

| | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |

INRUPT\_REQUEST\_METADATA\_REFLECTOR\_HEADER\_ALLOW
Determines which propagated properties can be returned as
response headers (unless also specified in the
corresponding \*\_DENY configuration). This
configuration is case-sensitive to the entries in
the propagated baggage.

Tip

To return a propagated property that was added to the baggage via INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW, ensure that the cases of these properties match.
When returning application-properties as response headers, you may need to update QUARKUS\_HTTP\_CORS\_EXPOSED\_HEADERS to extend the list of CORS-safelisted response headers

| |

INRUPT\_LOGGING\_REQUEST\_METADATA\_ALLOW
Determines which propagated properties can be included
in associated log messages (unless also specified in
the corresponding \*\_DENY configuration). This
configuration is case-sensitive to the propagated
baggage entries.

To include a propagated property that was added to the baggage via INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW, ensure that the cases of these properties match.

| |

INRUPT\_AUDIT\_PRODUCER\_REQUEST\_METADATA\_ALLOW
Determines which propagated properties can be included
in associated audit events
(unless also specified in the corresponding \*\_DENY
configuration). This configuration is
case-sensitive to the propagated baggage entries.

Tip
To include a propagated property that was added to the baggage via INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW, ensure that the cases of these properties match.

| | {% endtab %} | {% tab title="Deny Configurations" %} |

INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_DENY
Excludes specified non-baggage request headers from being
added to the baggage.
This configuration is case-insensitive.

INRUPT\_REQUEST\_METADATA\_REFLECTOR\_HEADER\_DENY
Excludes propagated properties from returning as
response headers. This configuration is case-sensitive
to the entries in the propagated baggage.

Tip
To exclude a propagated property that was added to the baggage via INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW, ensure that the cases of these properties match.

| |

INRUPT\_LOGGING\_REQUEST\_METADATA\_DENY
Excludes propagated properties from being included in
associated log messages. This configuration is
case-sensitive to the propagated
baggage entries.

Tip
To exclude a propagated property that was added to the baggage via INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW , ensure that the cases of these properties match.

| |

INRUPT\_AUDIT\_PRODUCER\_REQUEST\_METADATA\_DENY
Determines which propagated properties are included in
associated audit events. This configuration is
case-sensitive to the propagated
baggage entries.

Tip
To exclude a propagated property that was added to the baggage via INRUPT\_REQUEST\_METADATA\_PROPAGATOR\_HEADER\_ALLOW , ensure that the cases of these properties match.

| | {% endtab %} | {% tab title="Miscellaneous" %} **`INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_OVERRIDES`**\ Determines, in cases of a property being defined both\ as a header and as a baggage entry, whether to keep\ the entry or update/override it with the header value.\ The default is to keep the baggage entry as is. See [Duplicate Property Definition](/ess/2.4/administration/application-defined-metadata.md#duplicate-property-definition) for more\ information. {% endtab %} {% endtabs %} ## Example Customization The following example configuration updates: * **`INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW`** to include the client request **`x-correlation-id`** , **`x-request-id`** , and **`my-client-version`** headers as baggage entries. * **`INRUPT_LOGGING_REQUEST_METADATA_ALLOW`** to include the propagated **`x-correlation-id`** , **`x-request-id`** , and **`my-client-version`** in the associated log messages. * **`INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW`** to include the propagated **`x-correlation-id`** , **`x-request-id`** , and **`my-client-version`** in the associated audit events. * **`INRUPT_LOGGING_REQUEST_METADATA_ALLOW`** to return the propagated **`x-correlation-id`** and **`x-request-id`** as response headers (and not **`my-client-version`**). {% hint style="info" %} **Tip** **`INRUPT_LOGGING_REQUEST_METADATA_ALLOW`** , **`INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW`** , and **`INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW`** are case- **sensitive** to the entries in the propagated baggage. If the propagated baggage includes properties from **`INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW`** configuration, ensure that the cases of those properties match. {% endhint %} 1. Go to your ESS installation directory: ```sh cd ${HOME}/ess ``` 2. Modify the **`kustomization.yaml`** (i.e., step 3 of the [Applying Your Customizations](/ess/2.4/installation/customize-configurations.md#applying-your-customizations) procedure).\ Specifically, add the highlighted content to the **`kustomization.yaml`** file under the **`patches`** key: {% hint style="info" %} **Tip** If **`patches`** list does not exist in **`kustomization.yaml`** , add the key **`patches`** as well. {% endhint %} ```yaml # kustomization.yaml in your ESS installation directory # ... Preceding content omitted for brevity # ... patches: - target: kind: Deployment labelSelector: quarkus=true patch: |- - op: add path: /spec/template/spec/containers/0/env/- value: #Adds the following request headers to the `baggage` for propagation name: INRUPT_REQUEST_METADATA_PROPAGATOR_HEADER_ALLOW value:"x-correlation-id,x-request-id,my-client-version" - op: add path: /spec/template/spec/containers/0/env/- value: #Return the following propagated properties as response headers name: INRUPT_REQUEST_METADATA_REFLECTOR_HEADER_ALLOW value: "x-correlation-id,x-request-id" - op: add path: /spec/template/spec/containers/0/env/- value: #Include the following propagated properties in log messages name: INRUPT_LOGGING_REQUEST_METADATA_ALLOW value: "x-correlation-id,x-request-id,my-client-version," - op: add path: /spec/template/spec/containers/0/env/- value: #Include the following propagated properties in audit events name: INRUPT_AUDIT_PRODUCER_REQUEST_METADATA_ALLOW value: "x-correlation-id,x-request-id,my-client-version" ``` {% hint style="info" %} **Tip** When returning application-defined properties as response headers, you may need to update **`QUARKUS_HTTP_CORS_EXPOSED_HEADERS`** to extend the list of [CORS-safelisted response headers](https://developer.mozilla.org/en-US/docs/Glossary/CORS-safelisted_response_header) . {% endhint %} 3. Continue with the rest of the [Applying Your Customizations](/ess/2.4/installation/customize-configurations.md#applying-your-customizations) procedure. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.inrupt.com/ess/2.4/installation/customize-configurations/customization-logging/manage-app-defined-metadata.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.