Introduction of user-based rate limiting

Availability, stability, and performance are essential aspects of LeanIX services. While we strive to grant as much flexibility as possible with our APIs and unlimited user access, we also need to ensure the user experience remains consistent and is fairly distributed throughout workspaces.

To do so, we already limited the number of API calls to alleviate risks and reduce potential downtime. But there are possible ways to get around it. As an additional measure to increase the availability of our products, we have now introduced a general user-based rate limit, including our single-page application.

For each user, whether it is a human user or a technical API user, the limit will be 1800 requests per minute, equivalent to 30 requests per second.

Our REST and GraphQL APIs will return a 429 status code with a specific message, including the reasoning for the rate limit (e.g., HTTP 429 Too Many Requests. USER_INTERVAL_REQUEST_LIMIT_EXCEEDED).

We do not expect a direct impact on users of the application, as the rate limit has been set based on usage statistics. Also, most of your integrations already have a lower rate limit in contrast to this new setting. However, it would be best to consider this when implementing high-frequency API calls.