API rate limits are set on /api endpoints to prevent large spikes in the number of API calls that could degrade Deep Security Manager performance.

API call rates are measured as the number of API calls that Deep Security Manager receives within the last sixty seconds. When a rate limit is exceeded, the manager does not process requests until the call rate falls below all rate limits.

When a call is made and an API rate limit is exceeded, the response code is 429 with the message Too many API requests.