Learn how to set a daily limit on how many API requests
SaaS Security API can initiate and how your cloud app vendor’s rate
limit impacts asset scanning.
SaaS Security API initiates API calls when it connects to your
cloud apps and in the course of scanning your assets. Cloud app vendors
(for example, Box) allow for a set amount
of event updates (API calls) based on the number of API calls per minute
or per second within a 24-hr period. This quota is called rate
limit (also known as API throttling). PrismaSaaS
does not set the rate limit, nor can it adjust this limit. The rate
limit is controlled by your cloud app vendors.
API throttling ensures maximum uptime of SaaS apps, but can result
in latency. To resolve scan latency, it’s recommended that you ask
your cloud app vendor to increase your rate limit. SaaS Security
API promptly requests event updates from cloud app vendors, but
API throttling delays event delivery, depending on the amount of
data being requested. This latency is most noticeable when updates
occur immediately after onboarding and usually accompanies a large
volume of assets.
To mitigate the impacts of API throttling, SaaS Security API
uses a backlog: assets continue to be scanned and are saved to a backlog.
All known assets eventually display in SaaS Security web interface
after the Scan service processes your backlog. Timestamps for all
events remain accurate—as of the actual event.
Irrespective of API throttling, wait 24 hours after onboarding
before you remediate in bulk or,
alternatively, configure automatic
remediation. Waiting provides more insight into your data,
potentially improving your strategic policy decisions.