Configure client-based rate limiting
Enable per-client rate limiting to prevent a single client from blocking Internet traffic to Okta's /login/login.htm and OAuth 2.0 /authorize endpoints. For more information, see Developer Documentation.
- In the Admin Console, go to Settings > Account.
- In the Client-based rate limiting section, click Edit.
- Select one of the following options:
- Enforce and log per client (recommended) — Enables client-based rate limiting for all clients.
- Log per client — Enables client-based rate limiting in log-only mode. Rate limiting is based on org-wide rate-limit values, but the client-specific rate limiting information is recorded as System Log events. By analyzing these events you can determine if client-based rate limiting is effective for you.
- Do nothing (not recommended) — Disables client-based rate limiting.