Yes, your approach looks good and safe. You’re correctly using a Ktor client plugin to attach the UUID header, handling synchronization with a Mutex, and caching it properly to avoid repeated reads. Just make sure your SecureStorage uses something secure like EncryptedSharedPreferences or the Android Keystore so the ID stays protected across restarts.
Here’s the official Ktor documentation for reference: