Wrong Platform API Limit description

Hi there,

I think we have a wrong Platform API limit description documented in our Limits (genesys.cloud).

It says:
Name: org.app.user.rate.per.minute
Description: The maximum number of requests per organization per OAuth client per user per minute
Limit: 3000

I think it is more accurate to say that this is an organizational limit. As far as I understand, we do not allow going above 3000 requests per minute to our public API for a whole organization (regardless of size, number of agents or OAuth tokens).

Please correct me if I am wrong. Otherwise I would ask to correct the documentation :smiley:

Cheers,
Georgy

Hi Georgy,

I don't disagree that the wording for org.app.user.rate.per.minute could be made a little more clear, but it is not 3000 requests per minute for the whole org.

The org.app.user.rate.per.minute applies to Authorization Code and Token Implicit grant OAuth clients where multiple users can authenticate against those types of OAuth clients and each user gets a unique access token. Each of those access tokens allows for the rate limits, and therefore a user can make 3000 API requests/minute per access token.

App 1 -> OAuth Client 1 -> Access Token 123 for Jim -> Jim can make 3000 requests/minute
App 1 -> OAuth Client 1 -> Access Token 456 for Georgy -> Georgy can make 3000 requests/minute
App 2 -> OAuth Client 2 -> Access Token ABC for Jim -> Jim can make 3000 requests/minute
App 2 -> OAuth Client 2 -> Access Token XYZ for Georgy -> Georgy can make 3000 requests/minute

So if there are two custom client apps on the Apps menu, and you and I are logged into both apps, then you and I can both make 3000 requests/minute per app (i.e. OAuth client).

Does that make sense?

1 Like
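The accounting in the reply above can be modelled as one counter per (OAuth client, user) pair, which is how the documented description reads and which coincides with "per access token" in the four rows listed. This is an added example, not Genesys Cloud code: the `ClientUserLimiter` class, the fixed one-minute window and the sample traffic are assumptions made for illustration.

```python
from collections import defaultdict

LIMIT_PER_MINUTE = 3000  # org.app.user.rate.per.minute value quoted in the thread
WINDOW_SECONDS = 60


class ClientUserLimiter:
    """Fixed-window counter keyed by (OAuth client, user).

    Assumption: the minute is a fixed window; the thread does not say how
    the platform measures it.
    """

    def __init__(self, limit=LIMIT_PER_MINUTE, window=WINDOW_SECONDS):
        self.limit = limit
        self.window = window
        self._counts = defaultdict(int)

    def allow(self, client_id, user, now):
        key = (client_id, user, int(now // self.window))
        if self._counts[key] >= self.limit:
            return False  # over budget for this client/user in this minute
        self._counts[key] += 1
        return True


def replay(limiter, requests):
    """Return {(client, user): (allowed, rejected)} for a list of requests."""
    totals = defaultdict(lambda: [0, 0])
    for client_id, user, ts in requests:
        ok = limiter.allow(client_id, user, ts)
        totals[(client_id, user)][0 if ok else 1] += 1
    return {k: tuple(v) for k, v in totals.items()}


def sample_requests():
    # Constructed traffic: the four client/user pairs from the reply, each
    # sending 3100 requests within one minute; Jim then sends 10 more
    # through client 1 during the following minute.
    pairs = [("OAuth Client 1", "Jim"), ("OAuth Client 1", "Georgy"),
             ("OAuth Client 2", "Jim"), ("OAuth Client 2", "Georgy")]
    reqs = [(c, u, i * 0.01) for c, u in pairs for i in range(3100)]
    reqs += [("OAuth Client 1", "Jim", 60.0 + i) for i in range(10)]
    return reqs


if __name__ == "__main__":
    for key, (ok, rejected) in replay(ClientUserLimiter(), sample_requests()).items():
        print(key, "allowed:", ok, "rejected:", rejected)
```

Each pair is cut off at 3000 on its own, so the organization as a whole gets 12000 requests through in the first minute.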

Hi Jim,
Thank you very much for your reply.
Now I think things are more clear, but since we are at it, allow me to try to break down my general org limits understanding:

  1. Above all, we have a limit of max. 100 OAuth clients across all grant types combined. For example 50 clients using Authorization Code, 30 using Implicit, and 20 using Client Credentials. Not one more allowed than their sum of 100 OAuth clients.

  2. User-based grants (Authorization Code and Implicit) allow for multiple tokens per user, each token with its own 300 requests per minute limit. But across one user's tokens, we allow max. 3000 requests per minute per client/user.

  3. Client Credential grants are limited to 10 active tokens per client. Here again each token has its own 300 requests per minute limit. But across those 10 tokens we allow max. 3000 requests per minute per client.

To sum it up: By making use of multiple OAuth clients, for example for different applications or architect flow types, one organization can go well above 3000 API requests per minute. The only organizational limit there really is would be 100 OAuth clients * 3000 requests/min. = 300.000 requests/min. (hopefully nobody hits this one :smiley: )

Is my understanding above correct?

Thank you in advance & Have a great weekend!
