Check Point · Rate Limits

Checkpoint Rate Limits

Check Point does not publish a single, unified rate-limit policy for its API portfolio. Each API is bound to the customer's product deployment (on-prem Management Server, Smart-1 Cloud, Infinity Portal tenant, CloudGuard, Harmony Email, Spark Management) and the practical request ceiling is governed by deployment sizing rather than a published per-second number. The Management API documents a session-based model (login, run commands, publish, logout) where concurrency is bounded by the number of API sessions configured on the management server.

Checkpoint Rate Limits is the machine-readable rate-limit profile for Check Point on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 2 rate-limit definitions, measuring concurrent_requests and varies.

The profile also includes 3 backoff/retry policies defined and response codes documented for throttled and serviceUnavailable.

Tagged areas include Cloud Security, Cybersecurity, Network Security, Security, and Rate Limiting.

2 Limits Throttle: 429
Cloud SecurityCybersecurityNetwork SecuritySecurityRate Limiting

Limits

Management API session concurrency management-server
concurrent_requests
see deployment sizing — typically bounded by configured api-sessions on the management server
The Check Point Management API uses session-based concurrency. Limits are determined by the management server configuration, not a published per-second cap.
CloudGuard / Harmony / Infinity Portal APIs tenant
varies
see Infinity Portal admin guide; not publicly documented
Cloud-hosted APIs may apply tenant-scoped throttling but Check Point does not publish the numeric ceilings.

Policies

Session Lifecycle (Management API)
Clients call /login to obtain a session token (sid), perform commands, then /publish and /logout. Long-lived sessions block other writers; close sessions promptly.
Backoff Strategy
On 429 / 503, apply exponential backoff with jitter and retry. Sustained pressure should be discussed with Check Point TAC.
Deployment Sizing
Practical throughput depends on management-server CPU/RAM and the configured api-sessions pool. Resize the management server rather than expecting cloud-style horizontal scale.

Sources