Cisco Secure Access API Rate Limits

Rate Limits

The Secure Access API limits the number of requests that you can make within a time period. Rate limits apply to either the number of API requests that you make for your organization or the number of API requests made using a specific Secure Access API key. Rate limits may vary by API scope and resource.

Admin

Endpoints in the admin API scope follow these general guidelines for rate limits:

  • 5 requests per second
  • 14 requests per minute
  • 350 requests per 30 minutes

Rate limits apply to an individual API key.

Auth

The Secure Access Token Authorization API endpoint follows these general guidelines for rate limits:

  • 20 requests per minute

Rate limits apply to an individual API key.

Deployments

API endpoints in the deployments API scope except for the Network Tunnel Groups and Regions API follow these general guidelines for rate limits:

  • 5 requests per second
  • 14 requests per minute
  • 350 requests per 30 minutes

Rate limits apply to an individual API key.

Network Tunnel Groups and Regions

The Secure Access Network Tunnel Groups and Regions API endpoints follow these general guidelines for rate limits:

  • 3000 requests per minute

Rate limits apply to an individual API key.

Investigate

The Investigate API has four levels of API access:

  • Integration—Limited to 2000 requests per day.
  • Tier 1
  • Tier 2
  • Tier 3

Depending on your API access tier, the Investigate API limits the number of requests for each endpoint. Your organization's API keys share the same rate limit.

Note: When you exceed the rate limit for an endpoint, all additional requests above the limit receive an HTTP 429 response (Too Many Requests) and the server discards the requests. After waiting one second, you can retry your request.

Investigate API Endpoints (Group One)

Endpoints:

  • /domains/volume/{domain}
  • /pdns/name/{domain}
  • /pdns/domain/{domain}
  • /pdns/ip/{ip}
  • /pdns/raw/{anystring}
  • /recommendations/name/{domain}.json
  • /links/name/{domain}
  • /security/name/{domain}
  • /bgp_routes/asn/{asn}/prefixes_for_asn.json
  • /bgp_routes/ip/{ip}/as_for_ip.json
  • /topmillion
  • /timeline/{name}
  • /subdomains/{domain}

Request Rate Limits:

  • Integration—3 requests per second
  • Tier 1—3 requests per second
  • Tier 2—12 requests per second
  • Tier 3—12 requests per second

Investigate API Endpoints (Group Two)

Endpoints:

  • /samples/{domain}
  • /samples/{ip}
  • /samples/{url}
  • /whois/{domain}
  • /whois/{domain}/history
  • /whois/nameservers
  • /whois/nameservers/{nameservers}
  • /whois/emails/{emails}

Request Rate Limits:

  • Integration—3 requests per second.
  • Tier 1—3 requests per second.
  • Tier 2—12 requests per second.
  • Tier 3—48 requests per second.

POST /domains/categorization

API access tiers 2 and 3 support the /domains/categorization POST method.

Request Rate Limits:

  • Tier 2—150 requests per second
  • Tier 3—150 requests per second
Note: The /domains/categorization POST method accepts up to 1000 domains in the request body.

GET /domains/categorization

All API access tiers support the /domains/categorization GET method.

Request Rate Limits:

  • Integration—3 requests per second
  • Tier 1—3 requests per second
  • Tier 2—150 requests per second
  • Tier 3—150 requests per second

GET /search/{expression}

All API access tiers support the /search/{expression} endpoint. The /search/{expression} endpoint defines rate limits based on search complexity. If you use a wildcard prefix, Investigate searches the entire collection.

Request Rate Limits:

  • Searches prefixed with the .* characters- 3 requests per minute
  • All other searches—18 requests per minute

GET /whois/search/{searchField}/{regexExpression}

All API access tiers support the /whois/search/{searchField}/{regexExpression} endpoint.

Request Rate Limits:

  • All tiers—18 requests per minute

Policies

API endpoints in the policies API scope follow these general guidelines for rate limits:

  • 2000 requests per minute
  • 6000 requests per hour

Rate limits apply to an individual API key.

Reports

Rate limits vary by API resource.

Reporting

The Secure Access Reporting API endpoints follow these general guidelines for rate limits:

  • 5 requests per second

Rate limits apply to an individual API key.

Metering

The Secure Access Metering API endpoints follow these general guidelines for rate limits:

  • 5 requests per second

Rate limits apply to your Secure Access organization.

App Discovery

The Secure Access App Discovery API endpoints follow these general guidelines for rate limits:

  • 10 requests per second

Rate limits apply to an individual API key.

API Usage

The Secure Access API Usage API endpoints follow these general guidelines for rate limits:

  • 2000 requests per minute
  • 6000 requests per hour

Rate limits apply to an individual API key.