-
Notifications
You must be signed in to change notification settings - Fork 4
web sdk performance guide
This guide provides strategies for optimizing your Web SDK integration. Following these recommendations will improve response times, reduce server load, and create a more efficient application.
Always use text/json for optimal performance.
The Web SDK supports both JSON and XML, but JSON provides significantly better performance:
| Format | Accept Header | Performance Impact |
|---|---|---|
| JSON | text/json |
✅ Fastest - Recommended |
| JSON (legacy) | application/json |
Slower - For SC 5.7 compatibility |
| XML | text/xml |
Slower - Only when required |
| XML (legacy) | application/xml |
Slower - For SC 5.7 compatibility |
| Default | */* |
Slowest - Uses XML |
Example:
GET /entity?q=entity={guid},Name,Description
Accept: text/jsonPerformance gain: JSON responses are typically 30-40% smaller and parse faster than XML.
Problem: Retrieving all entity properties wastes bandwidth and processing time.
Solution: Use field projection to specify exactly which properties you need.
Inefficient (retrieves all properties):
GET /entity/{cardholder-guid}Efficient (retrieves only needed properties):
GET /entity?q=entity={cardholder-guid},FirstName,LastName,EmailAddress,MobilePhoneNumberResponse:
{
"Rsp": {
"Status": "Ok",
"Result": {
"FirstName": "Patricia",
"LastName": "Lynch",
"EmailAddress": "Lea66@hotmail.com",
"MobilePhoneNumber": "995-870-2733"
}
}
}Performance gain: Reduces response size by 70-90% in typical scenarios.
Use /entity/{guid} only when:
- You need all properties
- Exploring entity structure during development
- Creating complete backups
Problem: Making separate requests for each entity causes network overhead.
Solution: Batch multiple entity queries into a single request.
Inefficient (3 separate requests):
GET /entity?q=entity={cardholder1},FirstName,LastName
GET /entity?q=entity={cardholder2},FirstName,LastName
GET /entity?q=entity={cardholder3},FirstName,LastNameEfficient (1 batched request):
GET /entity?q=entity={cardholder1},FirstName,LastName,entity={cardholder2},FirstName,LastName,entity={cardholder3},FirstName,LastNameResponse:
{
"Rsp": {
"Status": "Ok",
"Result": [
{
"FirstName": "Patricia",
"LastName": "Lynch"
},
{
"FirstName": "Carson",
"LastName": "Jones"
},
{
"FirstName": "Philip",
"LastName": "Weissnat"
}
]
}
}Performance gain: Reduces network round-trips by 66% (1 request vs 3).
You can query different entity types in the same request:
GET /entity?q=entity={cardholder},FirstName,LastName,EmailAddress,entity={credential},Name,ActivationDate,StateResponse:
{
"Rsp": {
"Status": "Ok",
"Result": [
{
"FirstName": "Adrienne",
"LastName": "Rowe",
"EmailAddress": "adrienne.rowe@yahoo.com"
},
{
"Name": "Adrienne Rowe Credential",
"ActivationDate": "2023-07-15T04:31:00.307Z",
"State": "Active"
}
]
}
}Efficient batch update:
POST /entity?q=entity={cardholder1},EmailAddress=new1@example.com,entity={cardholder2},EmailAddress=new2@example.com,entity={cardholder3},EmailAddress=new3@example.comBenefits:
- Reduces network overhead
- Minimizes latency
- Improves server resource utilization
- Reduces serialization overhead
- Increases throughput
Limitation: Query string length limits.
Understanding and optimizing session management is critical for Web SDK performance. For detailed session architecture and authentication, see the Getting Started Guide.
When you make your first authenticated request, the Web SDK creates a session that:
- Establishes a connection to Security Center
- Caches queried entities in memory
- Stores session-specific settings (like
/creationpartition) - Tracks event subscriptions
| Event | Behavior | Impact |
|---|---|---|
| First request | Session created | Initial overhead (~200-500ms) |
| Subsequent requests | Session reused | Fast (~10-50ms) |
| 5 minutes of inactivity | Session expires | Next request recreates session |
| Any API call | Resets 5-minute timer | Keeps session alive |
| Event subscription active | Auto keep-alive every 1 minute | Session never expires |
Scenario: Session expires between requests
Cost of session recreation:
- Reconnect to Security Center (~100-200ms)
- Re-authenticate user (~50-100ms)
- Rebuild entity cache (~50-200ms)
- Total overhead: ~200-500ms per recreated session
Solution: Keep sessions alive.
Send a lightweight request every 4 minutes to keep the session alive:
GET /
Accept: text/jsonPros:
- Simple to implement
- Works for any application
- Low overhead
Cons:
- Background thread/timer required
- Small network overhead every 4 minutes
Subscribe to events to enable automatic keep-alive (every 1 minute):
GET /events/subscribe?q=event({entity-type},{event-type})Benefits:
- Automatic keep-alive built-in
- No manual timer needed
- Session never expires while subscribed
- Also provides real-time event stream
Best for: Applications that need real-time updates or run continuously.
For scripts or short-lived applications, accept session recreation overhead:
Best for:
- Cron jobs
- One-time scripts
- Applications that run < 5 minutes
Cost: ~200-500ms initial connection time per execution.
Recommendation: Use one Security Center user account per application.
Why:
- Sessions are shared by username + application ID
- Separate users = separate sessions = separate caches
- Prevents cache duplication
- Easier to manage
Example architecture:
Application A → user_app_a@example.com → Session A → Cache A
Application B → user_app_b@example.com → Session B → Cache B
Application C → user_app_c@example.com → Session C → Cache C
Critical: Some settings are session-scoped and lost when sessions expire:
-
/creationpartition/{partitionIds}- Default partition for entity creation - Entity cache contents
- Event subscriptions
Best practice:
- Call
/creationpartitionbefore creating entities (don't assume it persists) - Re-subscribe to events if session was recreated
- Implement session detection in your application
The Web SDK maintains an in-memory entity cache per session. Understanding and leveraging this cache is crucial for performance.
First request for an entity:
- Web SDK receives request
- Queries Security Center Directory
- Loads entity data
- Stores in cache
- Returns to client Time: ~50-200ms
Subsequent requests for same entity (cache hit):
- Web SDK receives request
- Returns from cache
- No Directory query needed Time: ~5-20ms
Performance gain: 10-40x faster for cached entities.
For operations that will access many entities, pre-load the cache:
GET /report/CardholderConfiguration?q=DownloadAllRelatedData=true,Page=1,PageSize=1000What happens:
- Retrieves cardholder GUIDs
- Loads complete entity data for all cardholders into cache
- Subsequent
/entityrequests for those cardholders are fast (cache hits)
Example workflow:
# Step 1: Warm cache (loads 1000 cardholders)
GET /report/CardholderConfiguration?q=DownloadAllRelatedData=true,Page=1,PageSize=1000
# Step 2: Query specific cardholders (served from cache - FAST)
GET /entity?q=entity={cardholder1},FirstName,LastName,entity={cardholder2},FirstName,LastNamePerformance gain: Steps 2+ are 10-40x faster.
Use when:
- Bulk operations on many entities
- Exporting data
- Generating reports
- Processing large batches
Don't use when:
- Querying single entities
- Only need GUID list (not full entity data)
- Memory constrained environments
- Session likely to expire before using cached data
What's cached per session:
- Entity data loaded via
/entityqueries - Entities loaded via
DownloadAllRelatedData=true - Related entities automatically loaded with main entity
What's NOT cached:
- Report results (
/reportendpoints) - Event stream data
If you only need basic entity information, don't use DownloadAllRelatedData=true:
Basic properties available without full entity load:
- Guid
- Name
- Description
- EntityType
- LogicalId
- CreatedOn
- IsOnline
- CustomFields (metadata only)
Example (efficient for basic info):
GET /report/CardholderConfiguration?q=Page=1,PageSize=100
# Returns GUIDs only, no full entity data loadedUse pagination for queries that return large result sets.
GET /report/{reportType}?q=Page={page},PageSize={pageSize}-
Page- Page number (starts at 1) -
PageSize- Results per page
The Web SDK uses a PageSize + 1 pattern to indicate more results:
More pages available:
{
"Rsp": {
"Status": "TooManyResults",
"Result": [
/* PageSize + 1 entities */
]
}
}Last page:
{
"Rsp": {
"Status": "Ok",
"Result": [
/* PageSize or fewer entities */
]
}
}Recommended page sizes:
- Small entities (basic properties): 1000-5000
- Medium entities (typical cardholders): 500-1000
- Large entities (with many relationships): 100-500
Factors affecting page size:
- Network bandwidth
- Memory constraints
- Processing time requirements
- Cache warming needs
Combine pagination with DownloadAllRelatedData for optimal bulk processing:
GET /report/CardholderConfiguration?q=Page=1,PageSize=1000,DownloadAllRelatedData=trueResult:
- Returns 1000 cardholder GUIDs (or PageSize + 1 if more exist)
- Loads complete data for all 1000 cardholders into cache
- Subsequent entity queries are served from cache
Endpoints supporting pagination:
/report/EntityConfiguration/report/CardholderConfiguration/report/CredentialConfiguration/report/UserReport/report/UserGroupReport/report/AccessRuleConfiguration
Problem: Creating new HTTP connections for each request adds overhead.
Solution: Use HTTP connection pooling in your client. Most HTTP client libraries support connection pooling and keep-alive connections.
Key configuration options:
- Enable keep-alive connections
- Set appropriate pool size (10-20 connections typical)
- Configure retry logic for transient failures
- Set reasonable timeouts
Performance gain: Reduces request overhead by 20-50ms per request.
Inefficient (retrieves all, filters client-side):
GET /report/CardholderConfiguration?q=Page=1,PageSize=10000
# Client filters for "John" locallyEfficient (filters server-side):
GET /report/CardholderConfiguration?q=FirstName=John,FirstNameSearchMode=Contains,Page=1,PageSize=100Performance gain: Reduces data transfer by 99% (100 vs 10000 results).
Filters use AND logic - combine them for precise queries:
GET /report/CardholderConfiguration?q=FirstName=John,FirstNameSearchMode=Contains,AccessStatus@Active,Page=1,PageSize=100Result: Only active cardholders with "John" in first name.
Apply these optimizations for maximum performance:
- Use
Accept: text/jsonheader - Use field projection (specify only needed properties)
- Implement session keep-alive strategy
- Use batch operations for multiple entities
- Use pagination for large result sets
- Use
DownloadAllRelatedDatafor bulk operations - One user account per application
- Use event subscriptions for real-time applications
Bulk data export:
- Use
DownloadAllRelatedData=true - Use large page sizes (1000-5000)
- Implement session keep-alive
- Use batch entity queries after cache warming
Real-time monitoring:
- Subscribe to events (automatic keep-alive)
- Use field projection for entity queries
- Cache entity data in your application
Short-lived scripts:
- Accept session creation overhead
- Use batch operations
- Use field projection
- Use pagination for large queries
Long-running applications:
- Implement periodic keep-alive (4 minutes)
- Use event subscriptions for real-time monitoring (provides automatic keep-alive)
- Cache frequently accessed entity data in your application
- Monitor session expiration and implement re-authentication
- Getting Started Guide - Session lifecycle details
- Entity Operations Guide - Batch operation syntax
- Troubleshooting Guide - Performance issue diagnosis
- Postman Collection - Example requests
-
Security Center SDK Developer Guide Overview of the SDK framework and how to build integrations with Security Center.
-
Platform SDK
- Platform SDK Overview Introduction to the Platform SDK and core concepts.
- SDK Certificates Details certificates, licensing, and connection validation.
- Entity Guide Explains the core entity model, inheritance, and how to work with entities.
- Entity Cache Guide Describes the engine's local entity cache and synchronization.
- SDK Transactions Covers batching operations for performance and consistency.
- ReportManager Querying entities and activity data from Security Center.
- Events and Actions Subscribing to events and handling actions.
- Logging with the Genetec SDK How to configure logging, diagnostics, and debug methods.
- Referencing SDK Assemblies Best practices for referencing assemblies and resolving them at runtime.
- SDK Compatibility Guide Understanding backward compatibility and versioning in the SDK.
-
Plugin SDK
- Plugin SDK Overview Introduction to plugin architecture and capabilities.
- Plugin SDK Certificates SDK certificate requirements for plugin roles.
- Plugin SDK Lifecycle Initialization and disposal patterns.
- Plugin SDK Threading Threading model, QueueUpdate, and async patterns.
- Plugin SDK Configuration Configuration storage and monitoring.
- Plugin SDK Restricted Configuration Secure credential storage and admin-only configuration.
- Plugin SDK Database Database integration and schema management.
- Plugin SDK Events Event subscription and handling.
- Plugin SDK Queries Query processing and response handling.
- Plugin SDK Request Manager Request/response communication with clients.
- Plugin SDK Entity Ownership Understanding plugin-owned entities, running state management, and ownership release.
- Plugin SDK Entity Mappings Using EntityMappings for plugin-specific configuration and external system integration.
- Plugin SDK State Management Reporting plugin health and diagnostics.
- Plugin SDK Server Management High availability and server failover.
- Custom Privileges Defining and enforcing custom privileges.
- Resolving Non-SDK Assemblies Handling third-party dependencies in plugins and workspace modules.
- Deploying Plugins Registering and deploying plugins and workspace modules.
-
- Macro SDK Developer Guide Complete guide to creating server-side automation scripts in Security Center using C#.
- Getting Started Setup, authentication, and basic configuration for the Web SDK.
- Referencing Entities Entity discovery, search capabilities, and parameter formats.
- Entity Operations CRUD operations, multi-value fields, and method execution.
- Partitions Managing partitions, entity membership, and user access control.
- Custom Fields Creating, reading, writing, and filtering custom entity fields.
- Custom Card Formats Managing custom credential card format definitions.
- Actions Control operations for doors, cameras, macros, and notifications.
- Events and Alarms Real-time event monitoring, alarm monitoring, and custom events.
- Incidents Incident management, creation, and attachment handling.
- Reports Activity reports, entity queries, and historical data retrieval.
- Performance Guide Optimization tips and best practices for efficient API usage.
- Reference Entity GUIDs, EntityType enumeration, and EventType enumeration.
- Under the Hood Technical architecture, query reflection, and SDK internals.
- Troubleshooting Common error resolution and debugging techniques.
- Media Gateway Guide Setup and configuration of the Media Gateway role for video streaming.
- Web Player Guide Complete guide to integrating GWP for live and playback video streaming.
- Web Player API Reference Full API documentation with interfaces, methods, properties, and events.
- Web Player Sample Application Comprehensive demo showcasing all GWP features with timeline and PTZ controls.
- Genetec Web Player Multiplexing Sample Multi-camera grid demo using a shared WebSocket connection.