API Rate Limit Failures

Hello Everybody.


This article walks you through the details of how to debug API Rate Limit issues which might be seen during deployments.

During Deployments users can run into an error in the UI which includes the below line, At first the assumption here is that this is a Limit coming from the Harness end when trying to run API calls and the limit is exceeding.

API rate limit exceeded for user ID 9551569.

If we try to capture the HAR file for the same error in the UI we can see the following error code being returned.

{"status":"ERROR","code":"EXPLANATION","message":"API rate limit exceeded for user ID 87853032.","correlationId":"d2dd0a08-1771-423c-a920-6bdd961d9bd8","detailedMessage":null,"responseMessages":[{"code":"EXPLANATION","level":"INFO","message":"API rate limit exceeded for user ID 87853032.","exception":null,"failureTypes":[]},{"code":"SCM_UNAUTHORIZED","level":"ERROR","message":"Received exception while pushing to git - Status: 401 Unauthorized.","exception":null,"failureTypes":[]}]}

Taking a look at the error you would notice it is not concerning the API limits of an Account but rather on a specific Harness User who seems to have exceeded their limit. For some context Harness does have API limits they set Account wide for Graph QL, but this is not the case for specific users.

How we are able to confirm this is by seeing that the User ID which is present in the response is not an ID that is maintained on the Harness end but on the Github end.

It looks like GitHub is reporting the issue with rate-limiting and Harness is only passing that message along to the UI on the Harness end with the response it received.

As per the Github Documentation, User-to-server requests are limited to 5,000 requests per hour and per authenticated user. You can see the RateLimit in the headers when you are making requests to Github. The docs for it can be found here.



The User-to-server requests are subject to a higher limit of 15,000 requests per hour and per authenticated user in the following scenarios.

  • The request is from a GitHub App that’s owned by a GitHub Enterprise Cloud organization.
  • The request is from an OAuth App that’s owned or approved by a GitHub Enterprise Cloud organization.

For unauthenticated requests, the rate limit allows for up to 60 requests per hour. Unauthenticated requests are associated with the originating IP address, and not the person making requests.