Solved: Re: WebSocket Rate Limiting

Shunsuke · 01-09-2024 09:19 PM

Hello,
We're planning to use Apigee and would like to know more about specifications of WebSocket support.
Is it possible to achieve below?
- Rate limit the number of messages in a WebSocket connection.
- Rate limit the number of WebSocket connections each user (or API key) can have at a time.
- Extract (logging) WebSocket messages.

Thank you

gonzalezruben

1. Apigee will not introspect into the connection to read flowing bidi messages.

2. Apigee can rate limit the number of incoming connections (protocol upgrade requests) using the Spike Arrest or Quota policies. Moreover, you can also enforce AuthN using security policies (Basic Auth, Verify JWT, etc.)

3. Apigee captures Analytics and metrics for ops monitoring for each protocol upgrade request. You can also configure Apigee to log the protocol upgrade request headers. You can't introspect into individual (bidi) messages (this should be logged by your ws implementation).

View solution in original post

gonzalezruben

1. Apigee will not introspect into the connection to read flowing bidi messages.

2. Apigee can rate limit the number of incoming connections (protocol upgrade requests) using the Spike Arrest or Quota policies. Moreover, you can also enforce AuthN using security policies (Basic Auth, Verify JWT, etc.)

3. Apigee captures Analytics and metrics for ops monitoring for each protocol upgrade request. You can also configure Apigee to log the protocol upgrade request headers. You can't introspect into individual (bidi) messages (this should be logged by your ws implementation).

Shunsuke

Thank you for the explanation!
If I understand correctly, API Gateway can handle protocol upgrade requests (not connections in precise) and more websocket control needs to be done by backend services if needed.

Thank you!