Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3975
Views
0
Helpful
4
Replies

Rest-API rate limit

Gupta_Deva
Level 1
Level 1

‎05-14-2018 10:43 PM - edited ‎02-21-2020 07:46 AM

 

How to disable the rate-limit alltogether - or at lest configure a higher value than 120 api-calls / minute ?

According to the cocumentation:

 

The Firepower Management Center REST API implements rate limiting to reduce network load.

The API will accept no more than 120 messages per minute from an individual IP address. It will only allow 10 simultaneous connections per IP address. These are not configurable parameters.

If a client exceeds these limits, the API will give an HTTP 429 error

 

We don't buy, that this is not configurable - and we really need to be able to configure some higher values !

Maybe we might set a parameter or variable in one of the files

/etc/sf/mojo_server.conf

/var/sf/bin/mojo_server_wrapper.pl

/var/perl5/site_perl/5.10.1/Mojo/Server/Daemon.pm

 

or maybe an API-guru here could provide an illiminative answer ?

 

2 people had this problem
Labels:
0 Helpful
4 Replies 4

Patrick.Helms
Level 1
Level 1

‎03-08-2019 01:07 PM

Have you ever found a solution to this issue? We are finding it takes a very long time to query an ACL with 100 rules (and their objects) with this limit. 

0 Helpful

niryadav
Cisco Employee
Cisco Employee
In response to Patrick.Helms

‎03-12-2019 01:20 PM

There is an Enhancement defect filed for the rate limiting.

 

CSCvf16740  -  ENH: Rest API Request limit should be set to a configurable option.

 

As a workaround use the expanded query param to query details in a single call. This will reduce the number of API calls required, and the probability of customer hitting the rate limit will go down.

0 Helpful

tomas.chyla02@gmail.com
Level 1
Level 1

‎08-26-2025 09:59 AM

Although this is quite old topic, the mentioned enhancement CSCvf16740 has still not been implemented and doesn't provide any possible workaround outside of what was already mentioned by @niryadav. This however doesn't cover all the possible use cases and the rate limit can still be easily hit regardless (for example, see CSCwq66022).

There is a newer bug ID from 2023 CSCwi14132 which does provide a workaround action of Contact TAC to increase API rate limit. While I cannot share more specifics on what's the exact procedure to override the rate limits as there are certain caveats/gotchas you need to be aware of, I can confirm the workaround does work (for both limits - requests per minute as well as concurrency).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card