Actions such as rapidly reading or updating data, aggressive polling, or making highly concurrent API calls may result in your calls to S-360 public APIs being rate limited.
To ensure the quality of S-360 services, its public APIs are subject to rate limiting.
By default, usage of a public APIs is limited by default to 180 calls per minute for a given S360 instance. (that means: a maximum 180 calls per minute cumulated for all endpoints starting by https://instit.ws.secutix.com
, where instit is the code of your institution).
Some institutions may be allowed to call more often according to their contract.
Some endpoints have specific limitations indicated on their own page.
Some specific methods of some endpoints (like getCatalogDetailed for the catalog service) have specific limitations (1 call every 10 minutes for the later, for example)
Exceeding this value may trigger a 509 (Bandwidth Limit Exceeded) http code or a 429 (Too Many Requests). (our current code is 509 but it will be migrated to 429).
If your system triggers one of those error codes, please refrain from making additional requests until the appropriate amount of time has elapsed.
In S-360, an endpoint matches a published service (a consistant collection of methods concerning the same kind of entities).
https://mosa.demo-ws.secutix.com/tnco/external-remoting/com.secutix.service.contact.v2_21.ContactInformationPublicService.webservice
is an endpoint matching contact service.
https://mosa.demo-ws.secutix.com/tnco/external-remoting/com.secutix.service.contact.v2_20.ContactInformationPublicService.webservice
is matching another version of the same service, but is considered as the same endpoint as the previous one for rate limitations concerns. (it is not possible to call different versions of the same service to work around rate limits)
https://mosa.demo-ws.secutix.com/tnco/backend-apis/contactInformationPublicService/v2_21/anyMethod
is matching the REST-RPC version of the same service, and is considered as being the same endpoint as above for rate limitations concerns. (it is not possible to use various protocols to work around the rate limits)
You should add logic to handle cases in which you exceed the provided rate limits and receive the HTTP Status Code 509 or 429. In this case, if a retry is needed, it is best to allow for a back-off to avoid going into an infinite retry loop.
For scripts and rules that call S-360 APIs, you should always handle rate limiting by checking the HTTP Code.
When you exceed your rate limits, you'll need to reduce the number of calls you make to S-360 endpoints. The specifics depend on your use case, but here are some recommendations:
It is an anti-pattern to use API calls to synchronize a full set of data from S-360 to another system (for example, all the tickets, all the orders…). You'll likely be calling the endpoint very often on a frequent basis, to retrieve a small amount of data.
S-360 offers many possibilities to build webhooks that can be used to POST the updated data that you need to your system, so that you receive events when tickets, resp. Contacts, resp. Orders… are created.
Please refer the documentation of our webhooks for more information.
Please reach out to us through our customer services portal, we can offer you a review of your integration architecture. It is also possible to increase the allowed rate limit for some endpoints, which may involve additional usage costs for the system.