Federated APIs are Finally Here

May 4, 2020
Ralf Schiffert
Ralf SchiffertProduct Manager
Federated APIs are Finally Here

In February, Webex announced support for Federated data soverignty. In the time since, we have asked our new EU based customers to refrain from working with or building new Webex applications. We are now lifting all restrictions for EU users as they relate to the developer APIs and Webex applications.

The work to support API request in a Federated environment was complex. Not only must every API call be inspected in order understand the home cluster of the caller, depending on the context of the request, the platform may need to reach across multiple clusters in order to collect and aggregate the results. In order to support this logic, it was crucial to ensure that all our APIs return objects that include an ID which provides information about the federated cluster that it belongs to.

For this reason, it is no longer possible to use UUIDs in our APIs. While support for this was never documented or promoted, we have historically accepted this input in many APIs. For example, it was possible to query a space by /rooms/xxx-xxx-xxx-xxx with the UUID. The roomId as returned by the API encodes the cluster. This means you need to use the documented /rooms/Y2xxxxxxxxxxxx for us to find the correct cluster for the space. This is also the case for other resources like /people or /messages. Always use the IDs returned from the API and you will be good.

Thanks for bearing with us, as we tuned our API gateways and backend services for this new federated world, and for allowing us to explain the challenges and limitations that it brings. Going forward as developers, you are shielded from all the complexity going on behind the scenes. In fact, if you are already working with our APIs, it would seem nothing has changed. Further on, what we build helps with our global scaling strategy. The resolution of resources to clusters and geographies is universally extensible and helps as we expand around the world, making your applications available to a global audience.

With that, you can now build awesome new apps respecting data localities and geographic privacy concerns. Just another tool in your toolbox. We have seen dozens of partners already making use of this in the healthcare space which is heavily regulated and urgently caters to regional privacy concerns. What is said in the EU stays in the EU :-)

In case you experience 404 or other strange errors, that you have not seen before in your app please, join the support space and tell us about it. We worked very hard to make you successful and want to continue doing so in the future.