SailPoint · Rate Limits

Sailpoint Rate Limits

Name: Sailpoint Rate Limits
Creator: SailPoint
Keywords: Identity Security, IAM, B2B, Rate Limiting

SailPoint Identity Security Cloud enforces a 100 requests / 10 seconds rate limit per access_token across V3 API calls through the API gateway. Throttled responses return HTTP 429 with a Retry-After header indicating seconds until the limit resets. Limits are scoped to the access token rather than per-tenant aggregate, so distributing across tokens is the documented scaling lever.

Sailpoint Rate Limits is the machine-readable rate-limit profile for SailPoint on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 1 rate-limit definition, measuring requests_per_window.

The profile also includes 3 backoff/retry policies defined and response codes documented for throttled.

Tagged areas include Identity Security, IAM, B2B, and Rate Limiting.

1 Limits Throttle: 429

Identity SecurityIAMB2BRate Limiting

Limits

V3 API gateway access_token

requests_per_window · second

100

100 requests per 10 seconds per access_token across V3 endpoints.

Policies

Retry-After signaling

Throttled responses include a Retry-After header indicating seconds to wait before retrying.

Token-scoped throttling

The 100 / 10s limit is per access_token. High-throughput integrations should mint multiple tokens (per integration / per service account) rather than share a single token.

Exponential backoff

Clients should apply exponential backoff with jitter on 429 responses, honoring the Retry-After header.

Sources

https://developer.sailpoint.com/docs/api/getting-started