Entra ID Audit logs API - Rate Limits

Ron Weasley 0 Reputation points
2024-05-29T12:00:43.03+00:00

Hi,

As per the official documentation in https://learn.microsoft.com/en-us/graph/throttling-limits#identity-and-access-reports-service-limits, there are service specific throttling limits.
But for Directory, Sign in and Provisioning logs in Entra ID, the rate limit is mentioned as 5 requests per 10 seconds.

What is the reason behind such a restricted limit? And is this the rate limit that we need to consider while triggering the APIs to retrieve audit logs (Directory, Sign In and Provisioning) for Microsoft Entra ID.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,068 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 22,871 Reputation points Microsoft Employee
    2024-05-29T19:09:02.23+00:00

    Hi @Ron Weasley , the rate limit of 5 requests per 10 seconds is a default limit set by Microsoft to ensure the stability and reliability of the service. This limit is in place to prevent excessive usage of the API and to ensure that all customers have fair access to the service.

    When retrieving audit logs for Entra ID, you should consider this rate limit and ensure that your application does not exceed this limit. If you exceed the rate limit, your requests may be throttled, which can result in slower response times or even failures. To avoid this, you can implement a retry mechanism with an exponential backoff strategy to handle throttling errors and avoid exceeding the rate limit.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James

    0 comments No comments