It sometimes helps operational teams narrow down what application is the one causing load. Some clients will provide a client ID, but I think for token verification, it isn't required, so some other mechanism would be good, and User-Agent header seems like a good, obvious one that is visible at a high level.
It sometimes helps operational teams narrow down what application is the one causing load. Some clients will provide a client ID, but I think for token verification, it isn't required, so some other mechanism would be good, and User-Agent header seems like a good, obvious one that is visible at a high level.