What is API Rate Limiting

API rate limiting in Agility limits access to APIs based on the rules and policies set by Digital.ai CloudOps. With API rate limiting in place, you can ensure protection against misuse of API requests to provide fair and compliant access to all Agility users.

Previously, Agility did not place API limits on query complexity, data volume, request frequency, or resource consumption. In some instances, the absence of predefined rules or policies on accessing APIs led to the following issues:

• UI performance degradation in an Agility instance.
• Difficulty in pulling API usage metrics to identify root cause of UI performance degradation.

How API Rate Limiting Works

The API rate limiting feature allows Digital.ai CloudOps to set limits on API usage for SaaS customers and gives customer System Administrators visibility into usage metrics.

With this feature API requests can be limited by request time, size of data returned, number of requests, and number of errors returned. These limits are configured in quota policies by Digital.ai CloudOps for a given time period (Example: 60 seconds).

Request metrics are tracked as quotas for each API consumer and checked against the limit duration configured in quota policies. When a limit exceeds, a 429 HTTP error indicating which limit has exceeded and the time remaining until requests are allowed is returned to the caller.

For example, if the caller exceeds a configured threshold of 20 errors within 60 seconds, the following JSON object will be returned with the 429 error:

    {

   "Message": " API request quota exceeded. Maximum of 20 errors per 60 second(s)",

    "RetryAfter": "50"

    }