Rate Limits and Quotas
The Vault Server REST API currently does not have rate limits and quotas. However, if you are using the Vault Gateway to connect to the Vault Server, the gateway itself has rate limits and quotas.
Rate Limits
Rate limits specify a maximum number of requests per minute.
Scope
All the APIs proxied by the Vault Gateway share one common rate limit.
Violation Notification
If an application exceeds an endpoint’s rate limit, the server returns an HTTP 429
error.
Endpoint Rate Limits
These rate limits apply to all the APIs proxied by the Vault Gateway. Note that these rates are not service guarantees. In the uncommon case where total service use is too high across all clients, accepted request rates may drop until traffic subsides.
Method | Endpoint | Limit (requests/per 5 minutes) |
---|---|---|
GET/POST/etc. | api/../.. | 40000 |
Quotas
The Vault Gateway has size limits for the request payload and response payload.
Scope
All the APIs proxied by the Vault Gateway will have the same size limit.
Endpoint Quotas
These quotas limit an endpoint’s resource consumption.
Method |
Endpoint |
Limit Description |
Limit |
Units |
Notification |
---|---|---|---|---|---|
GET/POST/etc. | api/../.. | The maximum payload size for a request | 39313920 | bytes | HTTP 500 response |
Quota Violation Notification
The Vault Gateway server reports quota violations using various HTTP error responses.
HTTP 500 “Internal Server Error”
When a request payload is too large or requests a resource that is too large, the server returns an HTTP 500 error.