diff --git a/lib/ably/auth.rb b/lib/ably/auth.rb
index 1e6e03fa..0befcb27 100644
--- a/lib/ably/auth.rb
+++ b/lib/ably/auth.rb
@@ -414,13 +414,20 @@ def auth_header
     #
     # @return [Hash] headers
     def extra_auth_headers
-      if client_id && using_basic_auth?
-        { 'X-Ably-ClientId' => Base64.urlsafe_encode64(client_id) }
+      if client_id_for_request
+        { 'X-Ably-ClientId' => Base64.urlsafe_encode64(client_id_for_request) }
       else
         {}
       end
     end
 
+    # ClientId that needs to be included with every rest/realtime request
+    # spec - RSA7e
+    # @return string
+    def client_id_for_request
+      options[:client_id] if options[:client_id] && using_basic_auth?
+    end
+
     # Auth params used in URI endpoint for Realtime connections
     # Will reauthorize implicitly if required and capable
     #
@@ -482,15 +489,16 @@ def can_assume_client_id?(assumed_client_id)
     #
     # @api private
     def configure_client_id(new_client_id)
-      # If new client ID from Ably is a wildcard, but preconfigured clientId is set, then keep the existing clientId
-      if has_client_id? && new_client_id == '*'
-        @client_id_validated = true
-        return
-      end
-
-      # If client_id is defined and not a wildcard, prevent it changing, this is not supported
-      if client_id && client_id != '*' &&  new_client_id != client_id
-        raise Ably::Exceptions::IncompatibleClientId.new("Client ID is immutable once configured for a client. Client ID cannot be changed to '#{new_client_id}'")
+      if has_client_id?
+        # If new client ID from Ably is a wildcard, but preconfigured clientId is set, then keep the existing clientId
+        if new_client_id == "*"
+          @client_id_validated = true
+          return
+        end
+        # If client_id is defined and not a wildcard, prevent it changing, this is not supported
+        if new_client_id != client_id
+          raise Ably::Exceptions::IncompatibleClientId.new("Client ID is immutable once configured for a client. Client ID cannot be changed to '#{new_client_id}'")
+        end
       end
       @client_id_validated = true
       @client_id = new_client_id
diff --git a/lib/ably/realtime/auth.rb b/lib/ably/realtime/auth.rb
index 4d12f87a..c1fc5983 100644
--- a/lib/ably/realtime/auth.rb
+++ b/lib/ably/realtime/auth.rb
@@ -226,6 +226,10 @@ def auth_header_sync
         auth_sync.auth_header
       end
 
+      def client_id_for_request_sync
+        auth_sync.client_id_for_request
+      end
+
       # Auth params used in URI endpoint for Realtime connections
       # Will reauthorize implicitly if required and capable
       #
diff --git a/lib/ably/realtime/connection.rb b/lib/ably/realtime/connection.rb
index 008a2116..c508ce92 100644
--- a/lib/ably/realtime/connection.rb
+++ b/lib/ably/realtime/connection.rb
@@ -469,8 +469,8 @@ def create_websocket_transport
               else
                 'false'
               end
-
-              url_params['clientId'] = client.auth.client_id if client.auth.has_client_id?
+              # RSA7e1
+              url_params['clientId'] = client.auth.client_id_for_request_sync if client.auth.client_id_for_request_sync
               url_params.merge!(client.transport_params)
 
               if !key.nil_or_empty? and connection_state_available?
diff --git a/lib/ably/rest/client.rb b/lib/ably/rest/client.rb
index 7aa34e3c..3dbda2df 100644
--- a/lib/ably/rest/client.rb
+++ b/lib/ably/rest/client.rb
@@ -597,7 +597,7 @@ def send_request(method, path, params, options)
             end
             unless options[:send_auth_header] == false
               request.headers[:authorization] = auth.auth_header
-
+              # RSA7e2
               options[:headers].to_h.merge(auth.extra_auth_headers).map do |key, val|
                 request.headers[key] = val
               end