if we are creating OAuth app with authorization code as a grant type, what will be the rate limit applicable to us from the following:
The maximum number of requests per client credentials grant token per minute is 300.
The maximum number of requests per organization per OAuth client per user per minute is 3000.
The maximum number of requests per token per minute is 3000.
Regards,
Hi,
To do a follow up on this question: When I look at the rate limits page at this moment, I see the last value "requests per token per minute" described as 300 and is only the middle one (per user),3000 but then the question:
I can understand the difference between "client credential" and the standard "per token" one, as that would be the rest, but what is meant by: "per organization per OAuth client per user per minute" ? I don't see how that would translate in a way to use the API and why that one is 3000 then....
Hello,
The maximum number of requests per token per minute is 300.
When a specific OAuth client is defined in Genesys configuration (for Implicit Grant, for Authorization Code Grant, for PKCE Grant, for SAML2 Bearer Grant), a user can request/obtain a token via that specific OAuth Client.
So if a user requests a first token using this OAuth Client - he can send up to 300 requests per minute using this token.
If this user requests a second token using this same OAuth Client, he can send up to 300*2 requests per minute (using both token - 300 for each).
That's why there is also a limit for users - The maximum number of requests per organization per OAuth client per user per minute - 3000
It means that the user will be limited to 3000 requests per minute using this OAuth Client - i.e. regardless of the number of tokens the user will get from this OAuth Client, he can't exceed 3000 requests per minute across these tokens.
Regards,
1 Like
Thanks Jerome, that clears it up a bit.
Then one last one, how should I see the relation between these Platform API (general?) rates related to (for instance), from the Analytics API:
activity.rate.per.second - The maximum number of requests per second for activity endpoints
limit: 20 (api/v2/analytics/*/[activity, observations]/query)
As this is part of the /api/v2/* from the platform API, though 20 per second is way higher then 300 a minute.
Is this 20 per second max (spread over multiple token in a client as described above (part of the 3000) or?
Hello,
activity.rate.per.second applies to the full org.
So limited to 20 requests per second globally, regardless of who is sending the request (I mean regardless of token/OAuthClient/user/...).
The other limits always apply as well.
With a (single) token I have requested and obtained for my app, I will be limited to 300 requests per minute on /api/v2/*
Among these 300 requests per minute on /api/v2/* that I can send, I can send a number of requests to the activity endpoints/url. This number will be lower than 300 request per minute for me/for my token and the sum of all activity requests sent globally (all clients/tokens/...) will be limited to 20 per second. So If other applications you have i your org already consume/send 19 request per second on activity endpoints, you have only one left per second for our app, etc etc...
Regards,
Jerome, Thanks!