SafetyNet Attestation API usage monitoring and alerting

550 views
Skip to first unread message

SafetyNet API Clients

unread,
May 17, 2019, 3:58:38 PM5/17/19
to SafetyNet API Clients

Hi,

An often overlooked component of a healthy integration with the SafetyNet Attestation API involves monitoring the usage of the API quota provisioned for your project(s). Issues caused by under-provisioned quota affect new and old integrations alike. They significantly undermine the quality of user-experience and protection available to your users and services.


The usage of the quota allocated to your project(s) may grow over time due to the following reasons:


  • Increased user-activity for your app.

  • Protection of new workflows in your app.

  • Your app is triggering more API retries.

  • Abusers have extracted API keys from your app and are stealing your quota.


These reasons indicate the inadequacy of monitoring your API quota usage solely from your app or server’s perspective. We therefore strongly recommend that developers utilize Stackdriver based monitoring (and optionally alerting) when using this API, to ensure that your service's quota allocation remains well provisioned.


The current guidelines for monitoring API usage are currently tailored towards APIs that support quota metrics in Stackdriver. This API does not currently support quota metrics. Instead, we recommend that developers use the following guidelines to set up monitoring and alerting for API usage (based on the alternative i.e. service metrics).


In the Metrics Explorer, first select Consumed API as the resource type. Then select Request count as the metric type. Use the filter to set the service to only match androidcheck.googleapis.com and then group by the project_id resource label. You may customize the filter and grouping settings further to suit your use-case (if necessary). Ensure aggregator is set to sum. Advanced aggregation options can be used to set an alignment period other than the default. This may be necessary if you want to monitor (and eventually alert based on) calls made per day to this API.


Once you've found the API usage information you need, you can use Stackdriver to create custom dashboards and alerts. Please refer to the following resources for further information:

You should also consider setting up separate monitoring (and alerting) for metrics related to peak usage, daily usage, error rates etc.

A detailed reference for serviceruntime metrics is available in the Stackdriver Monitoring documentation (some of which may not be currently available for this API).

To provide feedback, follow the main documentation.

Thanks & Regards,

SafetyNet API Clients Team


Reply all
Reply to author
Forward
0 new messages