Page MenuHomePhabricator
Create Task
Maniphest T406607

[Hypothesis] 5.2.2b: Action API Rerouting
Closed, ResolvedPublic
Actions

Description

If we route the Action API through the central API gateway, we can begin consistently measuring traffic and usage patterns to gain insights that will inform future decisions and actions.

Background

Our KR focuses on migrating existing APIs to utilize common infrastructure, so that we may start driving commonalities across Wikimedia APIs and make it easier to monitor, maintain, and deliver API capabilities. The most critical piece of that infrastructure is introducing a universal API Gateway. Utilizing a common API gateway to serve, monitor, and control API access paves the way for more complex program needs, such as standardizing rate limits and authentication mechanisms. This gateway will take advantage of the existing API management gateway known internally as the REST gateway.

Problem statement
The Action API is our most heavily used API, powering thousands of community built bots and tools as well as key WMF owned features and extensions. Today, API controls such as rate limiting are implemented at the application layer and vary across specific modules. Additionally, although basic API monitoring is now in place, we lack more sophisticated tooling that could help us make better data driven decisions, particularly as it relates to comparing the Action API capabilities and utilization against other API families. While these problems are not directly solved by routing the endpoints through a common gateway, they are at least steps in the right direction to improve API observability and governance.

Impacted users
If done correctly, this work should have no impact on API users. Instead, it will provide benefits to API authors and owners by creating a centralized location to view API traffic and performance. Additionally, as we move towards standardizing API controls such as rate limiting and concurrency, API managers will have a single point to observe and enforce.

Scope

  • Route Action API through the Common Gateway (fka: REST Gateway)
  • Test and verify there is no impact on end users as the result of rerouting
  • Iteratively dial up traffic per wiki group

Out of Scope

  • Because there is effectively a single endpoint for the Action API, we are not performing an internal audit of the individual actions/modules.

Expected Outcomes

By routing the Action API through the Common Gateway, we will be able to improve consistency and observability.

Assumptions

  • The Action API currently has no existing gateway; instead, traffic is handled on a dedicated cluster and simply passed through to the MediaWiki application. This means that it is unlikely that there is any custom request handling logic or header injections at the edge.

Known risks & limitations

  • Because Action API usage is so pervasive, the impact of breaking it is high. However, we expect the risk of breakage to be very low, given the current architecture.

Related Work

WE5.2.2: Central Rerouting. In Q1, we completed work to reroute endpoints under the rest.php path. Future work will include continuing the rerouting effort across additional API families.

Dependencies

None

Next steps

This work only covers the Action APIs. Additional APIs, and particularly those served outside of MediaWiki, are still pending.

Deadline

Given the small scope, this work will ideally be completed by the end of November.

Related Objects
Search...

Event Timeline

HCoplin-WMF created this task.Oct 7 2025, 3:18 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 7 2025, 3:18 PM
HCoplin-WMF added a project: [MWI] FY2025-26 Q1.Oct 7 2025, 3:22 PM
HCoplin-WMF removed a project: [MWI] FY2025-26 Q1.
HCoplin-WMF added a project: [MWI] FY2025-26 Q2.Oct 7 2025, 4:01 PM
HCoplin-WMF added a project: OKR-Work.
HCoplin-WMF moved this task from Backlog to Next on the [MWI] FY2025-26 Q2 board.Oct 7 2025, 4:03 PM
HCoplin-WMF triaged this task as High priority.Oct 7 2025, 9:23 PM
HCoplin-WMF updated the task description. (Show Details)
HCoplin-WMF added a subtask: T406599: Action API Test Plan & Execution for rest gateway rerouting.
HCoplin-WMF added a subtask: T406324: Add support to rest-gateway for action API.
HCoplin-WMF updated the task description. (Show Details)Oct 7 2025, 9:25 PM
HCoplin-WMF moved this task from Next to Now on the MW-Interfaces-Team (MWI-Roadmap) board.Oct 9 2025, 7:46 PM
HCoplin-WMF renamed this task from [Hypothesis] 5.2.x: Action API Rerouting to [Hypothesis] 5.2.2b: Action API Rerouting.Oct 9 2025, 8:11 PM
Clement_Goubert changed the status of subtask T406324: Add support to rest-gateway for action API from Open to In Progress.Oct 14 2025, 11:39 AM
Clement_Goubert closed subtask T406324: Add support to rest-gateway for action API as Resolved.Oct 16 2025, 11:25 AM
Clement_Goubert changed the status of subtask T408223: Action API via rest-gateway production rollout from Open to In Progress.Nov 3 2025, 9:56 AM
HCoplin-WMF moved this task from Next to Now on the [MWI] FY2025-26 Q2 board.Nov 3 2025, 8:27 PM
HCoplin-WMF closed subtask T406599: Action API Test Plan & Execution for rest gateway rerouting as Resolved.Nov 7 2025, 4:10 AM
hnowlan mentioned this in T410007: upstream request timeout, http-status 504 in the API.Nov 17 2025, 11:31 AM
Clement_Goubert closed this task as Resolved.Nov 25 2025, 1:02 PM
Clement_Goubert closed subtask T408223: Action API via rest-gateway production rollout as Resolved.
Clement_Goubert updated the task description. (Show Details)
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits