Rate Limit Information Returned by the Cloud Controller API
Page last updated:
The Cloud Controller API includes rate limit information in the HTTP header. Each header includes the following:
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 56
X-RateLimit-Reset: 1372700873
Use this table to understand the rate limit header.
| Field Value | Description |
|---|---|
| X-RateLimit-Limit | The maximum number of attempts per User Account and Authentication (UAA) user, if a user is authenticated. The maximum number of attempts per IP address, if no user is authenticated. |
| X-RateLimit-Remaining | The estimated number of attempts remaining. |
| X-RateLimit-Reset | The time when the rate limit counter resets, in UTC epoch seconds. |
Requests are counted separately in each Cloud Controller instance and each produces an estimate for the total number of remaining requests.
The estimate is based on the fraction remaining on the Cloud Controller instance, rounded down to the nearest 10%, multiplied by the global maximum number of attempts.
This might result in inconsistent values for the X-RateLimit-Remaining header when running multiple instances of Cloud Controller API, such as some requests still being allowed when the header value is 0.
When requests exceed the maximum rate limit value, the Cloud Controller API returns a 429: Too Many Requests error code.