REST API Rate Limits
Rate limits on PagerDuty's REST API help ensure that our resources remain available for users and their apps, and protect against fraudulent activity.
Recommendations
In order to make the best use of REST API rate limits and minimize disruptions to your applications, we recommend the following:
- Make use of rate limit headers: You can update your application to parse the
ratelimit-limit
,ratelimit-remaining
andratelimit-reset
response headers. If your application is being rate limited, theratelimit-reset
header will let you know how many seconds to wait before retrying.- Use one "bot user" per application deployment: If you use PagerDuty user API keys as bot users for applications, create a separate bot user for each application deployment (e.g., "Acme Production Bot User", "Acme Test Bot User", etc.). With this approach, rate limits for each application deployment will be kept separate.
- Use the latest Terraform PagerDuty provider version: If you are using the Terraform PagerDuty provider, we recommend using v3.2.2 or later so that you will have the latest API retry logic and timing patches.
Troubleshooting
If you experience throttling due to our REST API Rate Limits, we recommend trying the following steps in the order presented :
- If you're using user API keys, we recommend adding more users and spreading out the REST API request load.
- If you have a bot user, we recommend registering one scoped OAuth app per environment (e.g., "staging," "production," etc.) and using the appropriate app token to access the REST API. Please read our developer documentation Register an App for more information. This approach is especially advantageous, since global API keys may be deprecated in the future for security's sake.
- You can also register a private scoped OAuth app in addition to using a user token. The user will first go through the user login and consent screen, and will then be able to access the REST API. This will effectively double your API rate limit, since you can use the token associated with the registered app, as well as with the user.
FAQ
Will rate limits affect my application?
PagerDuty applications typically experience generous rate limits. However, rate limiting can be complicated and there may be some exceptions depending on how your application uses the REST API.
If you have never experienced rate limiting or your code already gracefully responds to 429
HTTP response codes, you likely will not encounter issues with rate limiting.
How can I prepare for rate limits?
We provide rate limiting headers on HTTP responses from our REST API (i.e., ratelimit-limit
, ratelimit-remaining
and ratelimit-reset
). If your application is mission critical or does not handle rate limiting, you can incorporate these headers into your applications to minimize disruptions.
Please see REST API Rate Limits in our developer documentation for more information.
When did rate limits go into effect?
Rate limiting headers were made available for app consumption in October and November 2023. PagerDuty started sending 429
responses for apps that reached the rate limit in the initial weeks after feature rollout.
Updated about 2 months ago