Skip to content

Integration Hub

The Integration Hub (IH) is Sidra’s event-driven communication layer, enabling decoupled messaging between platform services, Data Products and external agents. It is built on Azure Service Bus, leveraging Topics and Subscriptions for asynchronous message delivery.

Integration Hub Configuration

Refer to the complete guide for configuring the Integration Hub in Sidra here.

Integration Hub Monitoring

Learn how to monitor metrics for the Integration Hub here.

Security and Architecture

Sidra integrates Azure Service Bus into each Data Storage Unit (DSU), secured and accessed via Sidra’s API.

  • Communication is based on Service Bus Topics
  • Role-based access control (RBAC) governs access to methods and Topics
  • Fine-grained permissions per Topic (e.g., Listen, Send, Manage)
  • SAS tokens are used for secure, policy-based authentication

More about Service Bus

Learn more about Service Bus Topics and SAS authorization.

Permissions

Access to Integration Hub functionality is managed through Sidra's security model. Users may be granted different permissions at the Topic level:

  • Listen: Consume messages
  • Send: Publish messages
  • Manage: Create, update, or delete Topics and Subscriptions

Permissions are enforced via the Integration Hub API and reflected in SAS token scopes.

Integration Hub API

All functionality is exposed via a single controller: TopicsController. Below is an overview of the available endpoints.

Topics

  • GET /api/topics/{idDSU}
    List all Topics in the DSU. Requires ReadIntegrationHub.
    Only Topics where the user has any permission are shown.

  • GET /api/topics/{idDSU}/{topic}
    Get detailed information about a specific Topic.
    Requires ReadIntegrationHub.

  • POST /api/topics/{idDSU}/{topic}
    Create a new Topic. Requires WriteIntegrationHub.
    Creator is granted full permissions (Listen, Send, Manage).

  • DELETE /api/topics/{idDSU}/{topic}
    Delete a Topic. Requires DeleteIntegrationHub and Manage on the Topic.

SAS Authentication Policies

  • GET /api/topics/{idDSU}/{topic}/authpolicies
    List SAS policies for a Topic. Requires ReadIntegrationHub.
    Policies exceeding the requestor’s access level are hidden.

  • GET /api/topics/{idDSU}/{topic}/authpolicies/{policy}
    Retrieve a specific SAS policy. Requires ReadIntegrationHub.

  • POST /api/topics/{idDSU}/{topic}/authpolicies
    Create SAS policies. Requires WriteIntegrationHub.
    Users cannot assign higher permissions than their own.

Possible values: - 0: Manage - 1: Send - 2: Listen

Info

See Microsoft's SAS policies documentation.

  • DELETE /api/topics/{idDSU}/{topic}/authpolicies/{policy}
    Delete a SAS policy. Requires DeleteIntegrationHub and Manage on the Topic.

  • GET /api/topics/{idDSU}/{topic}/authpolicies/{policy}/sas
    Get a SAS token for a Topic using a specific policy.
    Requires ReadIntegrationHub and permission level equal to or higher than the policy.

Subscriptions

  • GET /api/topics/{idDSU}/{topic}/subscriptions
    List subscriptions to a Topic. Requires ReadIntegrationHub and Listen or Manage.

  • GET /api/topics/{idDSU}/{topic}/subscriptions/{subscription}
    Get details of a specific subscription. Requires ReadIntegrationHub.

  • POST /api/topics/{idDSU}/{topic}/subscriptions?subscriptionKeyName={name}
    Create a subscription. Requires WriteIntegrationHub and Listen.

  • POST /api/topics/{idDSU}/{topic}/subscriptions/labelrule
    Add a rule to filter messages by Label.
    Subscription only receives messages matching the rule.

  • DELETE /api/topics/{idDSU}/{topic}/subscriptions/{subscription}
    Delete a subscription. Requires DeleteIntegrationHub and Manage.

Permissions Management

  • PUT /api/topics/{idDSU}/permissions
    Assign permissions on a Topic to a user. Requires WriteIntegrationHub.
    Caller must have Manage on the Topic.

Info

More information is available in the Integration Hub API documentation.