REST API rate limit

lahiruchandima · December 3, 2021, 7:22am

This page specifies the rate limits that are applied to REST API calls.

What will happen to requests sent after breaching the rate limit?

I have to call the Okta primary authentication endpoint in my application. Is it possible to set a lower rate limit for any requests made for a particular user, so the endpoint rate limit is not breached if endpoint is called rapidly for a single user, so any requests made for other users will not be affected?

phi1ipp · December 3, 2021, 2:36pm

Requests above rate limit will get 429 response from Okta. It’s described in the documentation.
What you are describing is called ‘Client Rate Limit’, and it’s currently only configurable for /authorize and /login/login.html endpoints. Not sure if /authn is in the roadmap.

Any insights from Okta folks? @andrea

andrea · December 3, 2021, 4:12pm

Far as I know, the two you listed are the only ones it applies to at this time.

system · December 4, 2021, 4:13pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Clarification on rate limits API	2	2134	November 22, 2022
Per-user limits change API	2	2235	December 2, 2022
Client based rate limits not enforced Questions	3	3104	June 24, 2021
API rate limits on CORS API? API	2	4250	June 5, 2019
How to enforce Client-Based Rate Limiting for OAuth Service Clients (Client Credentials Grant) in Okta? OAuth/OIDC	3	1823	February 15, 2024

REST API rate limit

Related topics