Skip to main content
In this lesson we cover OpenTelemetry Baggage: what it is, how it differs from span attributes, common use cases, code examples for setting and reading baggage, and security and best-practice guidance. Baggage is a small set of contextual key-value pairs that travel with requests across service boundaries via headers. Downstream services can read those keys to enable business-level routing, personalization, or to copy values into span attributes for observability.

Observability signals — quick recap

SignalPurposeTypical examples
TracesEnd-to-end execution paths for requestsRequest spans, latency
MetricsAggregated numeric measurementsCPU, throughput, error rates
LogsEvent-level diagnostic messagesExceptions, debug events
BaggageSmall contextual metadata propagated across servicesuser_id, cart_id, promo_code
Baggage commonly carries non-sensitive values such as user_id (non-identifying), region, tier=gold, product_id, cart_id, or promotion codes like SUMMER10. A frontend service can capture a promo code and propagate it so downstream services can use it for personalized messaging or business logic.

Baggage vs. span attributes

  • Baggage: propagated across services using request headers (W3C Baggage format). It is intended to be read by all services that participate in context propagation.
  • Span attributes: local to a span and used to enrich trace data for that single span. They are stored in your observability backend but are not automatically forwarded downstream.
The image compares "Baggage" and "Span Attributes," showing how product ID, cart ID, and promo code are represented in HTTP request headers and span attributes, with similar values formatted differently in each context.
Span attributes are visible in tracing backends but not automatically propagated. If downstream services need specific values (for example, to send a promotional email), propagate them via baggage headers; the downstream service may decide to copy those values into span attributes for observability or use them in application logic. The diagram below shows baggage being set in Service A, flowing via headers through Service B, and being consumed or copied into span attributes in Service C.
The image depicts a diagram illustrating "Baggage in Action" within a microservices architecture, showing the flow of request context and attributes between Service A, Service B, and Service C.

Python example — set baggage and inject into outgoing headers

Steps:
  1. Use the baggage API to set key-value pairs into a context.
  2. Use the propagation API to inject the context into outgoing HTTP headers.

Python example — extract baggage from incoming headers and copy into span attributes

On the receiving side, extract the context from incoming headers, read baggage values, and optionally copy them into span attributes for better observability.
Resulting span attributes (example):
Once a downstream service has the promo code in its context, it can trigger actions (for example, send an email that references the promo code) or propagate the baggage further downstream.

Real-world use cases

CategoryExample baggage keysPurpose
Correlationcorrelation_idLink related business operations across services (distinct from trace ID)
Commercecart_id, product_id, transaction_idRoute or enrich commerce flows
Routing / Personalizationregion, origin, tierUse for routing decisions or personalized responses
Analyticsnon-identifying_user_attrAggregate business metrics without exposing PII
The image illustrates real-world use cases of data tracking and personalization, featuring colorful arrows pointing towards different identifiers like correlation IDs, cart IDs, and non-identifying user IDs.

Security considerations

Baggage travels in HTTP headers and is visible to every intermediate and downstream service. Because baggage does not provide integrity or confidentiality guarantees by default:
  • Values can be modified or tampered with by intermediaries.
  • Sensitive data can be exposed if baggage leaves trusted networks.
  • Avoid putting PII, credentials, tokens, or sensitive secrets into baggage.
Baggage is not a secure transport. Avoid putting sensitive or identifying data in baggage, and exercise caution when propagating baggage beyond trusted boundaries.
The image lists security considerations regarding baggage, highlighting issues like visibility via headers, lack of integrity checks, risk of sensitive data exposure, and the need for caution beyond trusted boundaries.

Best practices

  • Keep baggage small to limit header size and avoid network overhead.
  • Standardize key names and conventions across teams to reduce collisions and simplify downstream processing.
  • Never include PII, credentials, or tokens in baggage.
  • Monitor performance and header sizes when enabling baggage propagation.
Define a small, consistent set of baggage keys and document their intended use. This keeps cross-team usage predictable and reduces the risk of accidental sensitive data propagation.
The image lists three best practices: keeping baggage small, standardizing keys for consistency, and avoiding sensitive data, accompanied by relevant icons. There's also a thumbs-up badge illustration.

Key takeaways

  • Baggage carries small contextual metadata along with requests and complements traces, metrics, and logs.
  • Use baggage to enable richer cross-service observability and business-level processing when appropriate.
  • Keep baggage minimal, standardized, and free of sensitive data to avoid performance and security issues.
The image is a "Key Takeaways" slide listing four points about observability, including metadata handling, complementing observability signals, enabling cross-service analysis, and handling carefully to avoid risks.
Further lessons will dive deeper into context and propagation mechanisms, including W3C standards and language-specific propagation implementations.

Watch Video