Just a few simple steps to get started with Apitally.
This page guides you through the steps of configuring your Elysia application to work with Apitally. If you don’t have an account yet, now would be a good time to sign up.Once you’re done with this guide, you will be able to:
Get detailed metrics on API usage, errors, and performance
Track API adoption and usage by individual consumers
Log individual API requests, responses, and correlated application logs
To get started, create a new app in the Apitally dashboard and select as your framework.You can also configure the environments (e.g. prod and dev) for your app, or simply accept the defaults.After submitting, you will see tailored setup instructions for your app. These include code snippets you can copy and paste into your project.
The client ID provided in the setup instructions uniquely identifies your app for the purpose of data ingestion only. It does not grant any kind of read access to your data.
Next, install the Apitally SDK in your Elysia project.
bun add apitally
Add the Apitally plugin to your Elysia application and provide the clientId for your app.
You’ll find the clientId on the Setup instructions page for your app in the Apitally dashboard, which is displayed immediately after creating the app.
import { Elysia } from "elysia";import { apitallyPlugin } from "apitally/elysia";const app = new Elysia() .use( apitallyPlugin({ clientId: "your-client-id", env: "dev", // or "prod" etc. }), ) .get("/", () => "hello");
Deploy your application with these changes, or restart if you’re testing locally.
At this point the basic setup for your application is complete and you will start seeing data in the Apitally dashboard.
To analyze and filter API traffic by consumers, you can associate requests with consumer identifiers in your application.In most cases, use the authenticated identity to identify the consumer.
The identifier should be a string, such as a username, email address, or any other unique identifier.Optionally, you can also provide a display name and group for each consumer.Set the apitally.consumer property to associate requests with consumers, for example in a derive lifecycle function.
Logging of individual requests and responses is disabled by default to protect potentially sensitive data.
If you enable it, you can configure in detail what parts of the request and response should be logged.
You can also mask sensitive information (e.g. in headers) and exclude certain requests from logging.The SDK applies default masking rules for common sensitive headers, query parameters and request/response body fields.
import { Elysia } from "elysia";import { apitallyPlugin } from "apitally/elysia";const app = new Elysia() .use( apitallyPlugin({ clientId: "your-client-id", env: "dev", // or "prod" etc. requestLogging: { enabled: true, logRequestHeaders: true, logRequestBody: true, logResponseBody: true, captureLogs: true, captureTraces: false, // requires instrumentation }, }), ) .get("/", () => "hello");
import { Elysia } from "elysia";import { apitallyPlugin } from "apitally/elysia";const app = new Elysia() .use( apitallyPlugin({ clientId: "your-client-id", env: "dev", // or "prod" etc. requestLogging: { enabled: true, logQueryParams: true, logRequestHeaders: true, logRequestBody: true, logResponseHeaders: true, logResponseBody: true, logException: true, captureLogs: true, captureTraces: false, // requires instrumentation // Mask query parameters using regex maskQueryParams: [/^card_number$/i], // Mask headers using regex maskHeaders: [/^X-Sensitive-Header$/i], // Mask request/response body fields using regex maskBodyFields: [/^sensitive_field$/i], // Mask request/response body with custom logic via callbacks (e.g. for admin endpoints) // The callback should return null to mask the whole body, or return the (modified) raw body maskRequestBodyCallback: (request) => request.path?.startsWith("/admin/") ? null : request.body, maskResponseBodyCallback: (request, response) => request.path?.startsWith("/admin/") ? null : response.body, // Exclude paths from request logging using regex (common health check paths are excluded by default) excludePaths: [/\/metrics$/], // Exclude requests from logging with custom logic via callback (e.g. exclude requests from a specific consumer) // The callback should return true to exclude the request excludeCallback: (request, response) => request.consumer === "some-consumer", }, }), ) .get("/", () => "hello");
The Request logs dashboard now shows individual requests handled by your application. You can filter, search, and inspect them in detail.
Tracing gives you a detailed breakdown of time spent during the handling of each request, showing the duration of database queries, HTTP calls, and other operations.To enable tracing, set captureTraces to true and instrument the libraries you want to trace with OpenTelemetry. See the tracing guide for further instructions.