Understanding Cato API Rate Limiting

Rate limits for the Cato API are applied on a per-query, per-account basis. This means that each query has its own counter, but that counter applies to all the API keys (for different users) querying that account. So two different users calling two separate queries do not impact each other. However, if two different users are calling the same query, those calls are subject to the same counter (for the purposes of rate limiting), and one user's queries can impact the other user.

The Cato API back end is highly available and elastic, so the rate limits are a guaranteed minimum rather than an absolute maximum. For example, the auditFeed query has a rate limit of 5 per minute. This means that an account can call auditFeed at least five times every 60 seconds without being rate limited. In reality, it's possible for customers to call this query more frequently, but the guaranteed minimum rate of calls that are not rate limited is 5 per minute. Nevertheless, there is also an account-wide counter, so if five different users all query auditFeed at the same time, each user could only call the query once every 60 seconds to be guaranteed not to be impacted by rate limiting.

Cato's Python sample scripts gracefully handle rate limiting by waiting for five seconds before retrying. Customers can adopt similar strategies in their own API scripts.

If your query encounters issues related to rate limiting, we recommend that you wait a few minutes before sending additional API queries.

API calls are limited to 120/minute, except for the following queries:

  • accountMetrics: 15/minute
  • accountSnapshot: 10/second
  • auditFeed: 5/minute
  • entityLookup: 30/minute (1500/5 hours)
  • eventsFeed: 100/minute
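
The limits listed above and the five-second retry wait can be combined into a client-side pacer. This is an added example, not one of Cato's sample scripts: `QueryPacer`, `RateLimited`, `sharers` and the `send` callable are hypothetical names, and because the article does not describe how the API reports rate limiting, the caller's transport is assumed to raise `RateLimited` when it happens. Splitting each limit evenly between `sharers` follows the five-user auditFeed example above.

```python
import time
from collections import defaultdict

# Guaranteed minimums listed in the article, as (calls, window in seconds).
LIMITS = {
    "accountMetrics": [(15, 60)],
    "accountSnapshot": [(10, 1)],
    "auditFeed": [(5, 60)],
    "entityLookup": [(30, 60), (1500, 5 * 3600)],
    "eventsFeed": [(100, 60)],
}
DEFAULT = [(120, 60)]
RETRY_WAIT = 5  # seconds to wait after a rate-limited response

class RateLimited(Exception):
    """Assumption: raised by the caller's transport when the API reports rate limiting."""

class QueryPacer:
    """Keeps one script inside its share of the per-query, per-account counters."""

    def __init__(self, sharers=1, clock=time.monotonic, sleep=time.sleep):
        # sharers: users/scripts calling the same query on this account (hypothetical knob)
        self.sharers, self.clock, self.sleep = sharers, clock, sleep
        self.sent = defaultdict(list)  # query name -> timestamps of our own calls

    def delay(self, query):
        """Seconds to wait so the next call fits every window for this query."""
        limits, now, need = LIMITS.get(query, DEFAULT), self.clock(), 0.0
        horizon = max(window for _, window in limits)
        log = self.sent[query] = [t for t in self.sent[query] if t > now - horizon]
        for calls, window in limits:
            share = max(1, calls // self.sharers)
            recent = [t for t in log if t > now - window]
            if len(recent) >= share:
                need = max(need, recent[-share] + window - now)
        return need

    def call(self, query, send, max_retries=3):
        """Run send(query), pacing before each attempt and retrying on RateLimited."""
        for attempt in range(max_retries + 1):
            wait = self.delay(query)
            if wait > 0:
                self.sleep(wait)
            self.sent[query].append(self.clock())
            try:
                return send(query)
            except RateLimited:
                if attempt == max_retries:
                    raise
                self.sleep(RETRY_WAIT)
```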

1 comment

  • Yaakov Simon

    Updated the accountSnapshot rate limit to: 10/second (120/minute)