Summary
Adopt the Market Data API's new IP response headers in the Java/Kotlin SDK:
X-API-Detected-IP — the caller's detected IP, returned on successful (200/203) responses
X-API-Authorized-IP — the account's authorized IP, returned on 403 IP-block responses
These were added API-side in MarketData-App/api#200. They replace the legacy X-API-BLOCKED-IP header, which the API plans to remove (tracking issue: https://github.com/MarketData-App/api/issues/202).
Why this matters
This SDK does not currently read X-API-BLOCKED-IP, so the API's eventual removal won't break anything here — this is purely additive. But adopting the new headers is a prerequisite the API team is gating the removal on, and it's a genuine UX win: on a 403 multi-IP block the user currently gets a bare error with no indication of which IP their account expects. Surfacing X-API-Authorized-IP tells them exactly what to whitelist.
Suggested changes
src/main/java/com/marketdata/sdk/HttpStatusMapper.java — the 403 branch (currently falls back to BadRequestError with the status code in the message) should read X-API-Authorized-IP from the response headers and include/expose it on the thrown exception.
- Response header plumbing —
JsonResponseParser / the response-headers map already flows through; read X-API-Authorized-IP there (headers are case-insensitive).
- Optional (success path) — expose
X-API-Detected-IP on the per-response snapshot next to the existing rateLimit() accessor.
Acceptance criteria
Prerequisite for MarketData-App/api removal of X-API-BLOCKED-IP (https://github.com/MarketData-App/api/issues/202).
Summary
Adopt the Market Data API's new IP response headers in the Java/Kotlin SDK:
X-API-Detected-IP— the caller's detected IP, returned on successful (200/203) responsesX-API-Authorized-IP— the account's authorized IP, returned on 403 IP-block responsesThese were added API-side in MarketData-App/api#200. They replace the legacy
X-API-BLOCKED-IPheader, which the API plans to remove (tracking issue: https://github.com/MarketData-App/api/issues/202).Why this matters
This SDK does not currently read
X-API-BLOCKED-IP, so the API's eventual removal won't break anything here — this is purely additive. But adopting the new headers is a prerequisite the API team is gating the removal on, and it's a genuine UX win: on a 403 multi-IP block the user currently gets a bare error with no indication of which IP their account expects. SurfacingX-API-Authorized-IPtells them exactly what to whitelist.Suggested changes
src/main/java/com/marketdata/sdk/HttpStatusMapper.java— the 403 branch (currently falls back toBadRequestErrorwith the status code in the message) should readX-API-Authorized-IPfrom the response headers and include/expose it on the thrown exception.JsonResponseParser/ the response-headers map already flows through; readX-API-Authorized-IPthere (headers are case-insensitive).X-API-Detected-IPon the per-response snapshot next to the existingrateLimit()accessor.Acceptance criteria
X-API-Authorized-IP.X-API-BLOCKED-IP.X-API-Authorized-IP.Prerequisite for MarketData-App/api removal of
X-API-BLOCKED-IP(https://github.com/MarketData-App/api/issues/202).