Architecture
- BotKit is a Node.js application that intercepts Platform events and adds custom processing.
- It runs as a standalone service, receiving message events, feedback survey events, and webhook events from the Platform.
- It sends responses back to the Platform to control conversation flow.
Hosting
| Option | Notes |
|---|---|
| Dedicated VM | Recommended starting point |
| AWS Lambda (serverless) | Viable for event-driven workloads |
System Requirements
| Requirement | Minimum |
|---|---|
| Node.js | v16 or higher |
| vCPU | 2 |
| RAM | 4 GB |
Performance
- Load test the BotKit API using Apache Bench or JMeter to benchmark throughput before going live.
- All code inside BotKit event handlers must use asynchronous processing. Synchronous long-running operations block the event loop and degrade overall throughput.
High Availability
- Deploy multiple BotKit instances behind a load balancer in an active-active configuration.
- Monitor the BotKit process and configure automatic restart on failure (use a process manager like
pm2or a systemd service).
Asynchronous API
- The Platform sends events to your configured BotKit endpoint.
- BotKit supports async communication: respond with an ACK immediately, then call the return URL with the final response.
- See sdk.AsyncResponse and sdk.respondToHook.
API Authorization
- Whitelist Platform IP addresses so only the Platform can call your BotKit API.
- Require the Platform to authenticate requests using the Client ID and Client Secret generated when registering the BotKit app.
Rate Limiting
- Implement rate limiting on the BotKit API endpoint to protect against excessive requests.
- Enforce limits per API key to prevent individual clients from overloading the system.