Headers Reference
Request headers
Proxy headers
| Header | Required | Description |
|---|---|---|
X-ASO-API-Key | Yes | Your AI SpendOps API key (aso_k_{id}.{secret}) |
X-ASO-Dims | Depends | Dimension tags for cost attribution. Required if mandatory dimensions are enabled. |
Provider headers (forwarded)
| Header | Description |
|---|---|
Authorization | Provider API key (Bearer sk-...) — forwarded unchanged |
x-api-key | Anthropic API key — forwarded unchanged |
x-goog-api-key | Google API key — forwarded unchanged |
anthropic-version | Anthropic API version — forwarded unchanged |
Content-Type | Request content type — forwarded unchanged |
All other headers are forwarded unchanged to the upstream provider.
Stripped headers
The following headers are removed before forwarding to the provider:
| Pattern | Reason |
|---|---|
X-ASO-* | Proxy-specific, not needed upstream |
CF-* | Cloudflare internal headers |
CDN-* | CDN headers |
Host | Replaced with upstream host |
True-Client-IP | Infrastructure header |
X-Forwarded-For | Infrastructure header |
X-Forwarded-Proto | Infrastructure header |
X-Real-IP | Infrastructure header |
Response headers
Proxy headers
| Header | Description |
|---|---|
X-ASO-Request-Id | UUID generated by the proxy for this request |
X-ASO-Request-Id
Every response includes this header containing a unique request identifier:
X-ASO-Request-Id: 550e8400-e29b-41d4-a716-446655440000
Use this for:
- End-to-end tracing — match a response to its usage event in the analytics database
- Deduplication — the same ID appears on the queued usage event
- Support requests — quote the request ID when reporting issues
This is distinct from the provider's own request ID (e.g. OpenAI's chatcmpl-...), which is captured separately as generation_id in usage events.
Provider headers
All response headers from the upstream provider are returned to you unmodified.