Integration Hub¶
The Integration Hub (IH) is Sidra’s event-driven communication layer, enabling decoupled messaging between platform services, Data Products and external agents. It is built on Azure Service Bus, leveraging Topics and Subscriptions for asynchronous message delivery.
Integration Hub Configuration
Refer to the complete guide for configuring the Integration Hub in Sidra here.
Integration Hub Monitoring
Learn how to monitor metrics for the Integration Hub here.
Security and Architecture¶
Sidra integrates Azure Service Bus into each Data Storage Unit (DSU), secured and accessed via Sidra’s API.
- Communication is based on Service Bus Topics
- Role-based access control (RBAC) governs access to methods and Topics
- Fine-grained permissions per Topic (e.g., Listen, Send, Manage)
- SAS tokens are used for secure, policy-based authentication
More about Service Bus
Learn more about Service Bus Topics and SAS authorization.
Permissions¶
Access to Integration Hub functionality is managed through Sidra's security model. Users may be granted different permissions at the Topic level:
- Listen: Consume messages
- Send: Publish messages
- Manage: Create, update, or delete Topics and Subscriptions
Permissions are enforced via the Integration Hub API and reflected in SAS token scopes.
Integration Hub API¶
All functionality is exposed via a single controller: TopicsController
. Below is an overview of the available endpoints.
Topics¶
-
GET
/api/topics/{idDSU}
List all Topics in the DSU. RequiresReadIntegrationHub
.
Only Topics where the user has any permission are shown. -
GET
/api/topics/{idDSU}/{topic}
Get detailed information about a specific Topic.
RequiresReadIntegrationHub
. -
POST
/api/topics/{idDSU}/{topic}
Create a new Topic. RequiresWriteIntegrationHub
.
Creator is granted full permissions (Listen, Send, Manage). -
DELETE
/api/topics/{idDSU}/{topic}
Delete a Topic. RequiresDeleteIntegrationHub
andManage
on the Topic.
SAS Authentication Policies¶
-
GET
/api/topics/{idDSU}/{topic}/authpolicies
List SAS policies for a Topic. RequiresReadIntegrationHub
.
Policies exceeding the requestor’s access level are hidden. -
GET
/api/topics/{idDSU}/{topic}/authpolicies/{policy}
Retrieve a specific SAS policy. RequiresReadIntegrationHub
. -
POST
/api/topics/{idDSU}/{topic}/authpolicies
Create SAS policies. RequiresWriteIntegrationHub
.
Users cannot assign higher permissions than their own.
Possible values: - 0: Manage - 1: Send - 2: Listen
Info
See Microsoft's SAS policies documentation.
-
DELETE
/api/topics/{idDSU}/{topic}/authpolicies/{policy}
Delete a SAS policy. RequiresDeleteIntegrationHub
andManage
on the Topic. -
GET
/api/topics/{idDSU}/{topic}/authpolicies/{policy}/sas
Get a SAS token for a Topic using a specific policy.
RequiresReadIntegrationHub
and permission level equal to or higher than the policy.
Subscriptions¶
-
GET
/api/topics/{idDSU}/{topic}/subscriptions
List subscriptions to a Topic. RequiresReadIntegrationHub
andListen
orManage
. -
GET
/api/topics/{idDSU}/{topic}/subscriptions/{subscription}
Get details of a specific subscription. RequiresReadIntegrationHub
. -
POST
/api/topics/{idDSU}/{topic}/subscriptions?subscriptionKeyName={name}
Create a subscription. RequiresWriteIntegrationHub
andListen
. -
POST
/api/topics/{idDSU}/{topic}/subscriptions/labelrule
Add a rule to filter messages byLabel
.
Subscription only receives messages matching the rule. -
DELETE
/api/topics/{idDSU}/{topic}/subscriptions/{subscription}
Delete a subscription. RequiresDeleteIntegrationHub
andManage
.
Permissions Management¶
- PUT
/api/topics/{idDSU}/permissions
Assign permissions on a Topic to a user. RequiresWriteIntegrationHub
.
Caller must haveManage
on the Topic.
Info
More information is available in the Integration Hub API documentation.