Architecture
- BotKit is a Node.js application that intercepts Platform events and adds custom processing.
- It runs as a standalone service, receiving message events, feedback survey events, and webhook events from the Platform.
- It sends responses back to the Platform to control conversation flow.
Hosting
Typical starting spec: 2 vCPU, 4 GB RAM. Adjust based on load testing.
Follow the BotKit installation steps in Installing the BotKit SDK.
System Requirements
Performance
- Load test the BotKit API using Apache Bench or JMeter to benchmark throughput before going live.
- All code inside BotKit event handlers must use asynchronous processing. Synchronous long-running operations block the event loop and degrade overall throughput.
High Availability
- Deploy multiple BotKit instances behind a load balancer in an active-active configuration.
- Monitor the BotKit process and configure automatic restart on failure (use a process manager like
pm2or a systemd service).
Asynchronous API
- The Platform sends events to your configured BotKit endpoint.
- BotKit supports async communication: respond with an ACK immediately, then call the return URL with the final response.
- See sdk.AsyncResponse and sdk.respondToHook.
API Authorization
- Whitelist Platform IP addresses so only the Platform can call your BotKit API.
- Require the Platform to authenticate requests using the Client ID and Client Secret generated when registering the BotKit app.
Rate Limiting
- Implement rate limiting on the BotKit API endpoint to protect against excessive requests.
- Enforce limits per API key to prevent individual clients from overloading the system.