Limitations and best practices
WebSocket is a powerful communication protocol but has certain limitations and considerations that affect its configuration and usage in API Gateway.
Limitations
While WebSocket provides real-time, bidirectional communication, it has these limitations:
- WebSocket does not support Swagger documentation.
- There is no metadata indexing for WebSocket endpoints.
- By default, WebSocket calls time out when idle. Idle is defined as fewer than or equal to six bytes of data incoming or outgoing on the connection within a 30-minute period.
- Some policies must be blocked for WebSocket endpoints because they can interfere with functionality:
- CacheResponse
- FaultHandling
- JsonThreatProtection
- regExThreatProtection
- targetTimeout
- jsonTransform
- user-security-claims
- xmlThreatProtection
- xmlToJson
- Quota
- Throttling
Best practices when using WebSocket endpoints
- Ensure that the client can re-establish the connection if a timeout occurs.
- Verify the validity of the token during reconnection attempts.
- Implement a retry mechanism with a fallback step in case of repeated reconnection failures.
- Always use secure WebSocket (wss://) for enhanced security.