dse7i (dse7i) asked a question.
We're trying to query many, if not, all of our okta groups from our on prem jira instance, but we keep getting timeouts.
Is there a way to do this correctly?
2023-12-20 21:06:01,868+0000 Caesium-1-3 ERROR ServiceRunner [c.a.crowd.directory.DbCachingDirectoryPoller] Error occurred while refreshing the cache for directory [ 10100 ].
org.springframework.ldap.LimitExceededException: [LDAP: error code 11 - API call exceeded rate limit due to too many requests. : (Refer to Okta error Code E0000047)]; nested exception is javax.naming.LimitExceededException: [LDAP: error code 11 - API call exceeded rate limit due to too many requests. : (Refer to Okta error Code E0000047)]
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:164)
at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:355)
at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:139)
at org.springframework.ldap.core.support.AbstractContextSource.getReadWriteContext(AbstractContextSource.java:174)
at
...
Hello @dse7i (dse7i) Thank you for reacting out to our Community!
Querying the memberOf attribute can affect your org rate limits. To avoid rate limit issues, Okta recommends using the group membership attribute uniqueMember.
For this you can review our Known issue doc here:
https://help.okta.com/en-us/content/topics/directory/ldap-interface-limitations.htm
For the setup of Group Query please review step 5 "Complete the Group or Role section. " from our doc below:
https://help.okta.com/en-us/content/topics/directory/ldap-configure-integration-settings.htm
Community members help others by clicking Like or Select as Best on responses. Try it today.
Earn Today: New Okta Community Badges Have Arrived