Observability signals — quick recap
| Signal | Purpose | Typical examples |
|---|---|---|
| Traces | End-to-end execution paths for requests | Request spans, latency |
| Metrics | Aggregated numeric measurements | CPU, throughput, error rates |
| Logs | Event-level diagnostic messages | Exceptions, debug events |
| Baggage | Small contextual metadata propagated across services | user_id, cart_id, promo_code |
user_id (non-identifying), region, tier=gold, product_id, cart_id, or promotion codes like SUMMER10. A frontend service can capture a promo code and propagate it so downstream services can use it for personalized messaging or business logic.
Baggage vs. span attributes
- Baggage: propagated across services using request headers (W3C Baggage format). It is intended to be read by all services that participate in context propagation.
- Span attributes: local to a span and used to enrich trace data for that single span. They are stored in your observability backend but are not automatically forwarded downstream.


Python example — set baggage and inject into outgoing headers
Steps:- Use the baggage API to set key-value pairs into a context.
- Use the propagation API to inject the context into outgoing HTTP headers.
Python example — extract baggage from incoming headers and copy into span attributes
On the receiving side, extract the context from incoming headers, read baggage values, and optionally copy them into span attributes for better observability.Real-world use cases
| Category | Example baggage keys | Purpose |
|---|---|---|
| Correlation | correlation_id | Link related business operations across services (distinct from trace ID) |
| Commerce | cart_id, product_id, transaction_id | Route or enrich commerce flows |
| Routing / Personalization | region, origin, tier | Use for routing decisions or personalized responses |
| Analytics | non-identifying_user_attr | Aggregate business metrics without exposing PII |

Security considerations
Baggage travels in HTTP headers and is visible to every intermediate and downstream service. Because baggage does not provide integrity or confidentiality guarantees by default:- Values can be modified or tampered with by intermediaries.
- Sensitive data can be exposed if baggage leaves trusted networks.
- Avoid putting PII, credentials, tokens, or sensitive secrets into baggage.
Baggage is not a secure transport. Avoid putting sensitive or identifying data in baggage, and exercise caution when propagating baggage beyond trusted boundaries.

Best practices
- Keep baggage small to limit header size and avoid network overhead.
- Standardize key names and conventions across teams to reduce collisions and simplify downstream processing.
- Never include PII, credentials, or tokens in baggage.
- Monitor performance and header sizes when enabling baggage propagation.
Define a small, consistent set of baggage keys and document their intended use. This keeps cross-team usage predictable and reduces the risk of accidental sensitive data propagation.

Key takeaways
- Baggage carries small contextual metadata along with requests and complements traces, metrics, and logs.
- Use baggage to enable richer cross-service observability and business-level processing when appropriate.
- Keep baggage minimal, standardized, and free of sensitive data to avoid performance and security issues.

Links and references
- W3C Baggage: https://www.w3.org/TR/baggage/
- OpenTelemetry Propagation: https://opentelemetry.io/docs/reference/specification/context/api/
- OpenTelemetry Python docs: https://opentelemetry.io/docs/instrumentation/python/