Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

When Saviynt executes an API, are there limitations on the number of access attempts?

JPMac
Regular Contributor II
Regular Contributor II

According to the following document, there are limitations on the number of access attempts when executing an API to Saviynt.

https://documenter.getpostman.com/view/23973797/2s9XxwutWR

- > The Web Application Firewall (WAF) limit for Saviynt EIC is 5000/IP/5minutes. This limit ensures that the network traffic communicating with EIC is legitimate, and enhances security.


On the other hand, when Saviynt executes an API to another application, does Saviynt itself have a threshold for API executions?

My understanding is that it is entirely based on the specifications of the application being integrated, and there is no threshold for the number of API executions in Saviynt, but is it right?

1 REPLY 1

rushikeshvartak
All-Star
All-Star

Your understanding is mostly correct. When Saviynt executes an API to another application, the threshold or rate limit for API executions primarily depends on the specifications and rate limits imposed by the application being integrated.

Key Points to Consider:

  1. External Application Rate Limits:

    • The rate limits are determined by the application to which Saviynt is making API requests. Each application will have its own rate limiting policies to prevent abuse and manage resource usage effectively. You should refer to the documentation of the specific application to understand its rate limits.
  2. Saviynt's Internal Handling:

    • While Saviynt itself does not impose a general rate limit for making outbound API calls to other systems, it is good practice to ensure that your integrations handle rate limiting gracefully. This includes implementing retry logic, exponential backoff, and error handling to manage rate limiting responses from the external application.
  3. Throttling in Saviynt:

    • Although there might not be a hard limit within Saviynt for outbound API calls, there could be best practices or recommendations for performance optimization and ensuring system stability. For example, if your integration design involves making a high volume of API calls, consider how this might impact overall system performance.

Example Practices for Handling Rate Limits:

  • Respect Rate Limits:

    • Always follow the rate limits specified by the external application's API documentation.
  • Retry Logic:

    • Implement retry logic with exponential backoff to handle 429 (Too Many Requests) errors effectively.
  • Batch Requests:

    • If the external application supports batch requests, use them to reduce the number of individual API calls.
  • Monitoring and Alerts:

    • Monitor API usage and set up alerts for any rate limit warnings or errors to proactively manage the integration.
  • Optimization:

    • Optimize the number of API calls by fetching only the necessary data and avoiding redundant requests.

Confirmation:

Based on the information provided in the document you referenced, the Web Application Firewall (WAF) limit for Saviynt EIC is 5000 requests per IP per 5 minutes. This limit is specifically for inbound requests to Saviynt, not outbound.

Thus, your understanding is correct that Saviynt does not impose a specific threshold for the number of outbound API executions. The limitations will depend on the specifications of the application being integrated. However, it's always a good practice to design integrations that are aware of and can handle these external rate limits gracefully.


Regards,
Rushikesh Vartak
If this helped you move forward, click 'Kudos'. If it solved your query, select 'Accept As Solution'.