API Throttling

API throttling regulates the way the Clumio REST API is used by controlling the data a client can access. Throttling processes enhance performance levels by preventing the API from being overwhelmed by too many requests, and adds a layer of security by preventing clients from performing abusive actions.

Rate-limit throttling ensures that requests sent to the Clumio REST API do not exceed the maximum limit. At Clumio, each organization can send up to 100 requests per second, where each request is a resource. For example, for the endpoint GET /tasks, the /tasks resource represents a single request. Throttling is enforced at the API gateway and cannot be disabled. The rate limit is calculated in real time and cannot be changed.

Throttling kicks in after the rate limit is reached. Requests that have been sent before the limit is reached are processed through to completion. All other requests that are sent after that time are not processed, and a 429 Too Many Requests HTTP status code is returned for each of those requests. After some back-off time, retry the requests. Any scheduled processes, such as backups, are not affected and will continue running.