Moesif FAQ


Does this work for public APIs and developer platforms?

Definitely. Many of Moesif’s customers publish APIs that are used by partners and their greater developer community. Having the right analytics is critical to understand how to achieve growth goals for your developer adoption.

Will this work behind firewalls and for internal APIs?

Yes, our SDKs can work on-premises and behind firewalls such as internal and private APIs. The Moesif SDKs don’t require opening any incoming ports to function.

Does Moesif sample or capture all requests?

For self-service plans, Moesif captures all API requests that are not set to skip. Enterprise plans have the flexibility of capturing all requests or leveraging dynamic sampling. For example, you can define sample rates for individual customer cohorts to control your own costs. Read more

Will they impact my app performance or availability?

No, our SDKs capture data out of band via asynchronous queuing to ensure your application performance is not impacted even in a worst case scenario where the Moesif collection network goes down.

Are your SDKs open-source?

Yes, all our SDKs and API gateway plugins are open-source and supports both public and internal APIs. They are available on GitHub. We also have an open REST API if the SDKs don’t fit your needs. More info is in our Developer Docs.

Can I embed or white label the charts?

Yes, Moesif provides embedded API logs and charts to insert metrics in your developer portal or internal dashboards with a few clicks while ensuring data is dynamically isolated per account.

Cloud Proxy

What happens if the upstream service has an error?

If it’s a simple error such as 5xx or 4xx, that is relayed to the client. If there is no response due to timeout, host unreachable, etc, then Moesif will set a moesif_error JSON key to the response:

    "moesif_error": {
        "code": "cloud_proxy_error",
        "msg": " is an invalid or unknown host"

Valid error codes include bad_request, server_error, auth_error, cloud_proxy_error, not_found, forbidden. Specifically, cloud_proxy_error is set when Moesif has issues communicating with the upstream service such as timeout or unknown host.

What are the outgoing IP Addresses for Cloud Proxy?

If your original API is protected by IP address filtering, you will need to add the following to your whitelist:


How do I encode more URLs?

You can go to Installation under the top right menu when logged into the Moesif portal at any time. Then, click on _ Codeless proxy under API We Consume


I am not receiving any alerts

Real-time alerting is available only on paid plans. In addition, Moesif looks at both current and historical data when deciding to send alerts. If you deployed a new endpoint, there may not be enough historical data to make a decision. Give it a day running in production first. If you still are having issues, feel free to email us or adjust the detection sensitivity. Also, ensure you have an active channel under Alert Settings.

I am receiving too many alerts

If a particular endpoint like GET /probe is noisy and generates many false alerts, you can add an explicit alert rule with 24 hrs as the maintenance window (i.e. always quiet) or increase the alert interval which will silence the route completely. If you just want to reduce the amount of alerts, take a look at adjusting the detection sensitivity.


I use Runscope, does this work with it?

Yes, we in fact have many customers complimenting the synthetic API testing and stimuli generation from Runscope with the real-time API monitoring and analytics from Moesif. Please review this guide for best practices.

Organizations and Team

What is the subscription owner?

The subscription owner is the person who is billed for the Moesif subscription and is the one who creates or manages the credit card on file. Other than managing the subscription/billing info, a subscription owner has no additional permissions.

By default, the creator of the organization is also the subscription owner, but this can be changed by emailing us.


What are Events?

An event is a completed API Call on your platform. If you integrated website tracking, events also include User Actions which is something your customer did on your website such as “Sign In” or “Purchased a Plan”. Creating a batch of N events will count for N events.

What is last N days data retained?

Moesif stores your data for a period determined by your plan. Upgrading your subscription will provide access to more historical data so you can query and analyze long-term trends.

What if I go over my monthly quota?

You will be charged à la carte rate of $100 per 1,000 MAUs rounded up to the next 1,000. We’ll also send you reminder emails when you’re getting close to your quota for the billing month.

How do I change or cancel my plan?

Go to the Subscription menu in your Moesif account or email us at

How do I estimate my plan usage?

Multiply your number of registered monthly active users (MAU) by 1,000 to get a rough estimate of number of Events per month. High-volume APIs and B2C may be significantly higher, but our features like dynamic sampling can offset those costs.Need help?

What payment options are there?

Automatic payments can be set up for Visa, Mastercard, Amex, Discover, JCB and Diners Club via our PCI DSS compliant service. Enterprise plans can be paid via wire transfer and direct debit/ACH.

What kind of billing you support?

For enterprise accounts, we support flexible billing terms with consolidated billing, flexible contract lengths, and quota limits per department. Contact sales for more info.

Who owns my data?

You do. You retain ownership of all your data and we never resell your data

Security and Compliance

Do you support GDPR and CCPA?

Yes, we make GDPR compliance a breeze with features like one-click user suppression and deletion. We also have an open API that enables GDPR subject access requests such right to access and right to erasure to be automatic and triggered from your existing workflows. See docs

What if I have sensitive data?

All our SDKs support data scrubbing which will mask any sensitive data before it leaves your data center. For sensitive applications, you can also leverage enterprise features like client-side encryption with bring your own keys (BYOK) for zero-knowledge security.

Will you sign a DPA?

Yes, our enterprise contracts include a Data Processing Addendum to enable our customers to be compliant with GDPR.

Are you secure?

Yes, we have a detailed security program which is available here.