question

anuthereaper avatar image
0 Votes"
anuthereaper asked amanpreetsingh-msft answered

Azure oAuth endpoint throttling

Hi,

We have an Azure App which has been protected by Azure AD oAuth. This means the calling application has to hit the https://login.microsoftonline.com/<tenant-id>/oauth2/token to fetch a bearer token before accessing the actual http triggered Azure function.
We wanted to know what kind of rate limiting/throttling is present at the Azure AD oAuth endpoint? I'm assuming this would be at the tenant id level but am not sure what the throttling limits are.
Any help would be appreciated.

Thank,
Anupam

azure-active-directoryazure-ad-tenant
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

amanpreetsingh-msft avatar image
1 Vote"
amanpreetsingh-msft answered

Hi @anuthereaper · Thank you for reaching out.

I don't find the throttling for Azure AD Token endpoint exposed publicly. However, if your application makes too many calls to the token endpoint, in order to acquire token, you will get HTTP 429 - Too many requests. You can configure your application to begin throttling using an exponential backoff approach (as mentioned below), on receiving HTTP error code 429.

  1. Wait 1 second, retry request

  2. If still throttled wait 2 seconds, retry request

  3. If still throttled wait 4 seconds, retry request

  4. If still throttled wait 8 seconds, retry request

  5. If still throttled wait 16 seconds, retry request

At this point, you should not be getting HTTP 429 response codes.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.