Hi Team,
Where should we see the additional configurations of the web api we create like rate limit, timeout, payload size limitations, retry threshold etc? Is it modifiable for cloud environment?
Along with that, I also have few other questions below:
1. when we expose our data via API, as an additional security, do we have any methods to black list/white list system IPs?
2. what's the good practice regarding rotation of authentication credentials in web api?
3. what is the typical response time for webapi?
Thanks in advance!
Discussion posts and replies are publicly visible
AFAIK: In the Appian Cloud environment, Appian manages configurations such as rate limits, timeouts, payload size limits, and retry thresholds at the infrastructure level.Appian executes Web APIs in milliseconds to a few seconds based on:
Complexity of the expression ruleVolume of data retrievalCalls to external systems.
Regarding the rotation of credntials, AFAIK it would be 60-90 days as per best practices
Appian can only provide the API itself. For any additional requirements, you should consider adding some sort of API gateway in front of Appian.