Rate Limit

About

Rate limiting is used to control the rate of requests sent via the API. It can be used to prevent DoS attacks and limit web scraping.

The Picus Rest API applies rate limits based on endpoints. Client IP-based limitation is applied.

📘

Rate Limit For Picus Rest API Endpoints

Our rate limiting strategy uses tiered rate limits to ensure optimal performance for all users. Read-based endpoints have higher limits, while write-based endpoints have lower limits to balance the needs of the system. This allows us to handle a higher volume of requests without sacrificing performance for any individual user. The rate limits of the endpoints vary and operate on per-minute basis.

Limit Response Headers

The endpoints return headers with rate limit information, including the number of remaining requests and the reset time. You can access this information from the headers to manage your API usage and avoid reaching the rate limit.

X-Ratelimit-Limit give us to rate limit (per minutes) of the endpoint that is requested.

Examples

Below, we provide two examples on different endpoints.

curl --location --request GET 'https://api.picussecurity.com/v1/agents' \
--header 'Authorization: Bearer YOUR_TOKEN'

Status: 200 OK
X-Ratelimit-Limit: 100 
X-Ratelimit-Remaining: 99
X-Ratelimit-Reset: 1654342509

curl --location --request GET 'https://api.picussecurity.com/v1/templates/{Id}' \
--header 'Authorization: Bearer YOUR_TOKEN'

Status: 200 OK
X-Ratelimit-Limit: 2500 
X-Ratelimit-Remaining: 2499
X-Ratelimit-Reset: 1654342509