We are facing an issue with rate limit on out client side. They say it is causing issue to other applications as one app with most API calls is exhausting their limit. After shifting to Okta, its not supporting limiting number of calls using API token, I didn’t find a way to control number of calls/request using API token. In absence of this all applications using the APIs are getting affected. There should be some control on API tokens otherwise creating separate tokens for different apps makes no sense.
You can insert some sort of GW in front of Okta, so that your callers go through it. There you can implement whatever logic you need