# X-Musement-Application header

To better analyze Musement API usage and identify areas of improvement, we have introduced the `X-Musement-Application` header.

Partners with a signed contract will receive a unique *application value*. This value is required for all API requests. If you currently do not have an *Application value*, you can request it at [api-distribution@tui.com](mailto:api-distribution@tui.com).

Consider the example request below for activities:


```bash
curl -X GET '{baseUrl}/activities' \
-H 'X-Musement-Version: 3.4.0' \
-H 'Authorization: Bearer {accessToken}'
```

Using the new `X-Musement-Application` header, the request becomes:


```bash
curl -X GET '{baseUrl}/activities' \
-H 'X-Musement-Application: {applicationValue}' \
-H 'X-Musement-Version: 3.4.0' \
-H 'Authorization: Bearer {accessToken}'
```

The header is also expected for authentication requests:


```bash
curl -X POST '{baseUrl}/login' \
-H 'X-Musement-Application: {applicationValue}' \
-H 'X-Musement-Version: 3.4.0' \
-H 'Content-Type: application/json' \
--data-raw '{
	"client_id": "{clientId}",
	"client_secret": "{clientSecret}",
	"grant_type": "{clientCredentials}"
}'
```

This header is *required* for all endpoints. Calling an endpoint without the header will result in a 400 status code response:


```json
{
	"code": "2271",
	"message": "The header 'x-musement-application' is mandatory but was not found on the request. Please specify it and try again."
}
```