Skip to content

Smart API Rate Limiting and Backoff Behavior

This page outlines and explains how SailPoint Entro platform handles API rate limits with smart backoff, retries, and automatic recovery to ensure stable integrations.

Overview

The platform is designed to operate safely within the rate limits imposed by upstream systems. All integrations dynamically adjust to the usage constraints of the external service, ensuring stable performance and preventing disruptions to customer environments.

When rate limits are reached, the platform automatically initiates a controlled backoff and retry mechanism. If repeated attempts continue to fail, the system progressively increases the backoff interval, slowing the scan cycle to remain compliant with the provider's requirements.

An upcoming release will surface integration health and rate-limit details directly in the UI, allowing administrators to diagnose and optimize connector performance more easily.

Rate Limit Awareness

Each integration monitors responses from the target platform for correct rate-limit indicators, including HTTP status codes, throttling headers, and provider-specific quota signals. Once detected, the system adjusts behavior in real time.

Key characteristics:

  • Automatically identifies when an external API enforces a throttle.

  • Respects per-platform quota rules with no additional configuration from the user.

  • Maintains scan stability by avoiding unnecessary retries or aggressive requests.

Backoff and Retry Logic

When a rate limit is hit, the system triggers a standardized recovery workflow.

Initial Retry Sequence

  1. Detect rate-limit or throttling response.

  2. Pause requests for the provider-defined cool-down window or a default minimum interval.

  3. Retry the request.

If the retry succeeds, scanning resumes as normal with no user intervention required.

Progressive Backoff

If retries continue to return rate-limit or similar transient errors, the platform escalates to a progressive backoff model.

This includes:

  • Increasing wait intervals between request batches.

  • Dynamically adjusting concurrency to reduce pressure on the API.

  • Extending the overall scan cycle to prevent further throttling events.

The result is a slower but stable scan cadence that self-corrects once the provider restores quota.

Recovery and Resumption

Once rate limits reset, the platform automatically:

  • Returns to normal request intervals.

  • Restores standard concurrency settings.

  • Re-aligns scan timing to the expected cycle.

No manual action is required unless the upstream platform continues to enforce persistent throttling.

Upcoming Visibility in the UI

Future releases will introduce detailed integration health metrics that highlight:

  • Rate-limit events detected during scans.

  • Backoff intervals currently applied.

  • Retry counts and error response patterns.

  • Overall impact on scan duration.