Configure client-based rate limiting

Enable per-client rate limiting to prevent a single client from blocking Internet traffic to Okta's /login/login.htm and OAuth 2.0 /authorize endpoints. For more information, see Developer Documentation.

  1. In the Admin Console, go to SettingsAccount.

  2. In the Client-based rate limiting section, click Edit.
  3. Select one of the following options:
    • Enforce and log per client (recommended) — Enables client-based rate limiting for all clients.
    • Log per client — Enables client-based rate limiting in log-only mode. Rate limiting is based on org-wide rate-limit values, but the client-specific rate limiting information is recorded as System Log events. By analyzing these events you can determine if client-based rate limiting is effective for you.
    • Do nothing (not recommended) — Disables client-based rate limiting.
  4. Click Save.

Related topics

Set up contacts

Configure your email notifications

Give access to Okta Support