Moesif FAQ

Implementation

Does this work for APIs as a Product or Developer Platforms?

Of course. Many of Moesif’s customers deliver APIs as a product or have a developer platform that attracts for 3rd party developers. Having the right analytics is important to iterate and grow these developer programs.

Will they impact my app performance or availability?

No, our SDKs capture data batches out of band via asynchronous queuing to ensure your application performance is not impacted even in a worst case scenario where the Moesif collection network goes down.

What about firewalls and internal APIs?

Our SDKs can work on-premises and behind firewalls for internal and private APIs. The SDKs don’t require opening any incoming ports to function.

Are your SDKs open-source?

Yes, all our SDKs and API gateway plugins are open-source and supports both public and internal APIs. They are available on GitHub. We also have an open REST API if the SDKs don’t fit your needs. More info is in our Developer Docs.

Does Moesif sample or capture all requests?

For self-service plans, Moesif captures all API requests that are not set to skip. Enterprise plans can either capture all requests or leverage our sampling feature. For example, if you’re building high-volume IoT or analytics APIs, intelligent sampling can reduce your own cost and is accessible under the Runtime Rules menu. You can even set sampling to 0% for specific users and accounts with one-click for compliance and regulatory reasons.

Can I white label the charts with custom branding?

Yes, Moesif provides a mechanism to white label and incorporate your own branding in the workspaces. This enables workspaces to be shared with customers and partnrs or embedded directly in a customer facing portal. Email us to enable this feature.

Cloud Proxy

What happens if the upstream service has an error?

If it’s a simple error such as 5xx or 4xx, that is relayed to the client. If there is no response due to timeout, host unreachable, etc, then Moesif will set a moesif_error JSON key to the response:

{
    "moesif_error": {
        "code": "cloud_proxy_error",
        "msg": "https://api.badhost.com is an invalid or unknown host"
    }
}

Valid error codes include bad_request, server_error, auth_error, cloud_proxy_error, not_found, forbidden. Specifically, cloud_proxy_error is set when Moesif has issues communicating with the upstream service such as timeout or unknown host.

What are the outgoing IP Addresses for Cloud Proxy?

If your original API is protected by IP address filtering, you will need to add the following to your whitelist:

  • 104.209.149.188
  • 23.97.189.159
  • 13.77.136.224

How do I encode more URLs?

You can go to Installation under the top right menu when logged into the Moesif portal at any time. Then, click on _ Create trackable URLs with our Codeless Proxy_

Alerting

I am not receiving any alerts

Real-time alerting is available only on paid plans. In addition, Moesif looks at both current and historical data when deciding to send alerts. If you deployed a new endpoint, there may not be enough historical data to make a decision. Give it a day running in production first. If you still are having issues, feel free to email us or adjust the detection sensitivity. Also, ensure you have an active channel under Alert Settings.

I am receiving too many alerts

If a particular endpoint like GET /probe is noisy and generates many false alerts, you can add an explicit alert rule with 24 hrs as the maintenance window (i.e. always quiet) or increase the alert interval which will silence the route completely. If you just want to reduce the amount of alerts, take a look at adjusting the detection sensitivity.

Integrations

I use Runscope, does this work with it?

Yes, we in fact have many customers complimenting the synthetic API testing and stimuli generation from Runscope with the real-time API monitoring and analytics from Moesif. Please review this guide for best practices.

Organizations and Team

What is the subscription owner?

The subscription owner is the person who is billed for the Moesif subscription and is the one who creates or manages the credit card on file. Other than managing the subscription/billing info, a subscription owner has no additional permissions.

By default, the creator of the organization is also the subscription owner, but this can be changed by emailing us.

Billing

What are API calls?

An API call is an individual business transaction on your API. It contains the HTTP request, response, payload, custom metadata, and other data associated with the transaction. If you create a batch of API calls containing N items, it will count for N API calls.

What is last N days data retained?

Moesif stores your data for a period determined by your plan. Upgrading your subscription will provide access to more historical data so you can query and analyze long-term trends.

What if I go over my monthly quota?

You will be charged à la carte rate of $100 per million API calls rounded up to the next million. We’ll also send you an email when you’re getting close to your event quota for the billing month.

How do I change or cancel my plan?

Go to the Subscription menu in your Moesif account or email us at support@moesif.com.

What payment options are there?

Automatic payments can be set up with Visa, MasterCard, American Express, Discover, JCB and Diners Club and is processed through a PCI DSS compliant service. We also support Direct Debit/ACH and invoicing.

Are your SDKs open-source?

Yes, our SDKs are open-source and supports both public and internal APIs. They are available on GitHub. We also have an open REST API if the SDKs don’t fit your needs. More info is in our Developer Docs.

What kind of billing you support?

For enterprise accounts, we support flexible billing terms with consolidated billing, flexible contract lengths, and quota limits per department. Contact sales for more info.

Who owns my data?

You do. You retain ownership of all the data you send to your user account.

Security and Compliance

Do you support GDPR and CCPA?

Yes, we make GDPR compliance a breeze with features like one-click user suppression and deletion. We also have an open API that enables GDPR subject access requests such right to access and right to erasure to be automatic and triggered from your existing workflows. See docs

What if I have sensitive data?

All our SDKs support data scrubbing which will mask any sensitive data before it leaves your data center. Review your SDKs documentation on masking content.

Will you sign a DPA?

Yes, our enterprise contracts include a Data Processing Addendum to enable our customers to be complianct with GDPR.

Are you secure?

Yes, we have a detailed security program which is available here.