These examples show 429 failure responses when a URL purge request has exceeded an API request rate limit and an object rate limit.
In this first 429 failure response, the Rate Limit exceeded title in the response body shows that the API request rate limit was exceeded. The X-Ratelimit-Remaining header value is 0 and the rateLimitRemaining response member is 0. This means that there were no additional API requests remaining at this moment, and the request was denied.
To stay within the rate limits, you can reduce the API request rate and use the remaining 9904 URL objects, shown in the X-Ratelimit-Remaining-Objects response header, in each purge request. This allows for a comparable purge rate without exceeding the rate limit.
HTTP/1.1 429 Too Many Requests
Date: Tue, 12 Mar 2019 21:14:01 GMT
Content-Length: 239
Content-Type: application/api-problem+json
X-Ratelimit-Remaining: 0
X-Ratelimit-Limit-Per-Second: 50.00
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining-Objects: 9904
X-Ratelimit-Limit-Per-Second-Objects: 200.00
X-Ratelimit-Limit-Objects: 10000
{
"supportId": "17PY1552425241133633-211776704",
"title": "Rate Limit exceeded",
"httpStatus": 429,
"describedBy": "https://developer.akamai.com/api/core_features/fast_purge/v3.html#httpcodes",
"rateLimit": 100,
"rateLimitCurrentRequestSize": 1,
"rateLimitRemaining": 0
}
In this next 429 failure response, the URL Rate Limit exceeded title in the response body shows that an object URL rate limit was exceeded. Note that the object rate limit for a URL purge request is 200 URLs per second, as shown in the X-Ratelimit-Limit-Per-Second-Objects header. The rateLimitRemaining response member is 94, which was the number of URLs available to purge at that moment. When the purge request was submitted, it contained 110 URLs, as shown in the rateLimitCurrentRequestSize response member. Because the request was 16 URLs over the current limit of 94, it was denied.
To maximize the purge rate without waiting, you can truncate the request to contain 94 URLs, then resubmit it immediately. Alternatively, wait until you can purge all 110 URLs at once, which in this case would only take 80 milliseconds.
HTTP/1.1 429 Too Many Requests
Date: Tue, 12 Mar 2019 21:14:31 GMT
Content-Length: 251
Content-Type: application/api-problem+json
X-Ratelimit-Remaining: 40
X-Ratelimit-Limit-Per-Second: 50.00
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining-Objects: 94
X-Ratelimit-Limit-Per-Second-Objects: 200.00
X-Ratelimit-Limit-Objects: 10000
{
"supportId": "17PY1552425341153293-211776704",
"title": "URL Rate Limit exceeded",
"httpStatus": 429,
"describedBy": "https://developer.akamai.com/api/core_features/fast_purge/v3.html#httpcodes",
"rateLimit": 10000,
"rateLimitCurrentRequestSize": 110,
"rateLimitRemaining": 94
}
In addition, the API guards against denial of server (DoS) level traffic flows. For example, when a single API client attempts to submit hundreds of requests per second, the API responds with a 400 error for web application firewall (WAF) rate-controlled clients.
HTTP/1.1 400 Bad Request
Content-Length: 427
Date: Thu, 01 Mar 2018 18:46:03 GMT
Connection: close
Content-Type: application/problem+json
{
"type": "https://problems.purge.akamaiapis.net/-/pep-authn/request-error",
"title": "Bad request",
"status": 400,
"detail": "WAF deny rule IPBLOCK-BURST4-27754",
"instance": "https://akab-cj2eq2kcsv7cpt75-bi4ae4mdehbj2p4a.purge.akamaiapis.net/ccu/v3/invalidate/url",
"method": "POST",
"serverIp": "104.76.97.105",
"clientIp": "24.2.26.125",
"requestId": "1dd8d22",
"requestTime": "2018-03-01T18:46:03Z"
}