It is important when building an integration with InspectAll to put thought and care into the integration design and avoid bad practices which can cause disruption to the service. Integrations which cause disruption will have their API keys revoked automatically due to automated safeguards we have in place to protect the platform as a whole. When in doubt, please reach out to us with any questions. We want your integration to be successful!
Below are some common issues we've seen with integrations:
Request Rate Limit
You should limit the number of requests your API makes. We have the following rate limits set for the API:
- Warning issued at 100 requests/minute per IP address.
- Requests blocked when over 200 requests/minute per IP address.
Don't perform batch operations, but if you MUST, perform them off hours
In general large batch operations should be avoided. However we do understand that when starting an integration perhaps a batch of data needs to be requested. Examples of this is requesting every Account so as to keep your accounts in another system in-sync. After an initial sync be sure and use our "modifiedAt" properties on every object to only request data that has changed since the last time you've requested data.
- Off hours are on weekends beginning Saturday and ending Sunday evening Eastern time US. If you must call many requests during the week, preform the requests around 2am Eastern time US.
Report generation is a very resource intense operation involving a media rendering server and many MB of photos and data. Each time a report is requested it is rendered ad hoc in the background and the client is notified over web-sockets on completion. The async and resource intensive nature of this process was not designed to accommodate API integration but rather simple client-server purposes. The reporting API is not public and should not be automated. Performing batch operations to the reporting service will result in a revoked API key.
When you received any response code other than 200-OK then your API should fail gracefully (meaning notify yourself and stop making requests) . We've seen some API integrations continue to call hundreds of thousands of requests within short amounts of time after their keys were revoked or when the request was mal-formed.
Use Webhooks when possible
Long polling is bad and frowned upon in general when it comes to integrations. We have a robust webhook service which allows you to subscribe to common triggers that most integrations are interested in. When possible please subscribe to a webhook!