Level up Your Organization With Okta’s New Scalability Improvements

Customer Identity & Access Management (CIAM) and Workforce Identity solutions are both considered critical systems. Bugs, downtime, and vulnerabilities can all impact your metrics around customer success. In addition to the core features and functions, customers want to have the tools necessary to manage and operate their systems. For most enterprises, a robust identity solution needs to be dynamic, and flexible enough to scale in response to planned and unplanned events, like a holiday season spike due to a sale or a slew of new fans trying to watch a sporting event online.

There isn't a single businesses that wants their end-users to experience the dreaded 429 Error (a Too Many Requests HTTP error, indicating that a client app has surpassed its rate limit.) So we understand that monitoring rate limits, getting alerts, and the ability to understand the root cause is critical for identity teams. For these reasons, we are making it easier for teams to get all the relevant information in one place, and simple for admins to operate and maintain. For development teams and admins, it's critical that they have operational reporting, monitoring, and alerts to understand how the system is being used and where the problematic issues can be found.

This is why we’re excited to bring to you the Rate Limit Dashboard, now Generally Available. The Rate Limit Dashboard provides admins complete and contextual information about their rate limits via the Okta administrator console.

So let’s dive in!

How to use the Rate Limit Dashboard

Let’s say an admin receives an email saying “Your org has reached 100% rate of limit”. Admins can go directly to the admin portal for a detailed view to see where the spikes are coming from. Is it due to a new marketing campaign or holiday sale? Find the answers here.

From the dashboard, admins can monitor, investigate, troubleshoot limits, and isolate outliers. For example, if the utilization is at 50%, we should be able to see the various IP calls against that endpoint. IP data could also show that the usage is distributed across many IPs, representative of real traffic—like from a holiday sale. The Rate Limit overview page provides system log data insights, such as the number of org wide violations over time or the top violating APIs. From this page, you can view the API thresholds per API, specific to your organization, which includes any multiplier via DynamicScale or override you may have. Existing customers can easily get a consistent view of current thresholds without having contact support.

And finally, the Rate Limit Dashboard now allows customers a self-service approach to quickly identify the problem, providing clear and actionable next steps to remediate the issues they discover.

Some scenarios may involve valid traffic issues, where customers will need to increase their rate limits. But there can also be bad scenarios where an attack or a rogue app or script requires disablement. Regardless, the Rate Limit Dashboard enables customers to identify any issue with a self-service approach.

Burst Rate Limits

Okta provides rate limits for orgs based on the traffic they expect to have. When customers are able to forecast sustained usage above the standard rate limit for planned events, Okta recommends DynamicScale to ensure the highest availability for their businesses.

However, we understand that unplanned events also happen, where customers experience higher traffic than usual. To ensure our customers are successful, and to help minimize impact resulting from unplanned usage, we’re excited to also introduce Burst Rate Limits, now Generally Available.

By making burst rate limits available, Okta provides admins and customers peace of mind by helping ensure that an unplanned spike doesn’t detrimentally affect an end user’s experience by getting a 429 Error, specifically for authentication and authorization flows.

Get started today

Keeping your infrastructure up and your applications running is crucial. No organization can afford to have their end users negatively impacted, and our new rate limit features are designed to assist in preventing that from happening.

Interested in getting started? Read through our rate limits best practices guide to begin.