Okta Rate Limits

Background

Lumos runs multiple regular syncs with your Okta tenant each day to keep your data current.

This article provides more info on how you can adjust your Oka rate limits to ensure that your Okta data in Lumos is accurate and you don't also run into Okta rate limit violations.

How Okta rate limits

Okta has a per-tenant API rate limit that's shared by all API tokens.

A typical rate limit might be 600 requests in a 60 second time frame.

How Lumos manages Okta rate limits

Lumos is configured to avoid disrupting other apps that share your Okta rate limit.

Lumos makes requests to Okta and tracks how close it is to your rate limit. Once Lumos reaches 50% of your rate limit for a given time period, we throttle our requests and wait until the rate limit resets before making more.

What this means is that Lumos should never trigger an Okta rate limit violation. However, this means that if Lumos is competing for a rate limit with another app that's using a large amount of your rate limit, Lumos will quickly throttle itself and your syncs may take significantly longer.

Can I change the rate limit for Lumos in Okta?

When you create an API token in Okta for Lumos, you can choose how much of your rate limit that token is allowed to consume. See📄 Connecting Okta

For example, Lumos can be given a token that only allows 90% of the full rate limit. In that case, Lumos would throttle requests at 45% of your entire Okta tenant's maximum.

This can be done to guarantee that Lumos always leaves some rate limit available for other apps, but this is only if you think our self-imposed throttling is insufficient.

See Okta's documentation for more info on how to set up API token-specific rate limits in Okta.