Application rate limits can be configured for OAuth applications to control the number of requests they make to an Okta API endpoint. This prevents any single OAuth application from monopolizing the endpoint's rate limit. By default, Okta sets this consumption threshold to 50% of the total rate limit for each endpoint. This article will explain how to investigate these limits in an Okta org.

• OAuth applications using the Okta Identity Engine (OIE) or Okta Classic Engine
• Rate Limit

1. Access the Okta Admin Console, and go to Reports > Rate Limits.
2. Use the Rate Limit Dashboard to identify endpoints with violations.

3. Click on endpoints with any violations, bursts, or warnings to obtain additional details, such as filtering by Top Requests by Application. It is possible to further filter by time period as needed.

4. To review the Application Rate Limit for these applications, copy and paste the Application ID into the top-level search bar.
5. Click on the application name and then select Application Rate Limits.
6. Determine if the current rate limit is sufficient for the application.
7. To increase the limit, click on Edit and adjust the rate limit consumption percentage so the application can consume more of the rate limit for any given Okta API endpoint. Click Save.
   • NOTE: If the Application Rate Limit for an application is set to 100%, the application can monopolize the endpoint rate limit. Depending on which endpoint is affected, this could have a significant impact on performance. 

Related References

• How to Request a Rate Limit Increase
• Rate Limit Best Practices