Pages Menu

Posted by on Apr 10, 2017 in Development, Office365

Throttling coming to Outlook APIs

Throttling coming to Outlook APIs

We’ve been given some advance warning that, from April 21st, throttling will be applied to Outlook REST APIs and to the Outlook APIs that are part of Microsoft Graph.

This will affect all anything you contact via or On the Microsoft Graph it will apply to:

Here are my thoughts on this.

The limit is high

Firstly, we need to understand what the limit is in order to understand whether or not this will impact our applications.

The limit is 60 requests, per minute, per user/group, per app ID.

That’s actually pretty high. Whatever it is you’re doing, you shouldn’t be issuing a call every single second, per user. If you start hitting this limit, then I’d respectfully suggest that your code might need a re-architecture!

Reacting to the limit

However, even if you think you’ll never hit the limit, you should still code for that eventuality. There’s an artificial limit in place now, and that means it can change at any time without warning. Your code should be able to cope with a sudden change in the limit and gracefully back-off.

Luckily, there is a special response code which will be issued if you hit a limit. You’ll receive a 429 – Too Many Requests response.

Also, in this response will be two additional headers which you can use to work out what to do next:

Retry-After : this tells you the number of seconds you should wait before making another request.
Rate-Limit-Reason : this is a human explanation of why you’re being limited.

Coding Smarter

Can we be even smarter than just reacting to hitting the limit? Yes! There are 3 new headers which will allow you to track your “allocation usage” over time:

Rate-Limit-Limit : The maximum number of requests that the app is permitted to make per minute for the current user or group
Rate-Limit-Remaining : The number of requests remaining in the current rate limit window
Rate-Limit-Reset : The time at which the current rate limit window resets in UTC time

I actually really like the changes being made here. Firstly, the limit itself is in no way unreasonable; it makes sense and prevents the system from abuse. But, what really pleases me is the way that it’s been implemented, and the additional features and information being offered to developers to enable them to do a good job of managing the limit and making sure that it doesn’t impact on user experience. It would have been all too easy to implement a limit and enforce it by just turning away overages with a single “denied” message – but they went the extra mile and provided information about the process in the responses. Good job team!

Written by Tom Morgan

Tom is a Microsoft Teams Platform developer and Microsoft MVP who has been blogging for over a decade. Find out more.
Buy the book: Building and Developing Apps & Bots for Microsoft Teams. Now available to purchase online with free updates.

Post a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.