API Learnings

APIs

apiExplore
- API Providers
- API Resources

API Governance

API Solutions

design_servicesServices
- All Services
constructionTools
- All Tools

API Discovery

searchDiscovery
- Inbox
- Bing
- Google
- GitHub
fingerprintEvidence
- Inbox
- Bookmarks

API Building Blocks

API Evangelist LLC

OWASP API4 2023 Rate Limit Retry After

Define proper rate limiting to avoid attackers overloading the API. Part of that involves setting a Retry-After header so well-meaning consumers are not polling and potentially exacerbating problems.

Message: A 429 response should define a Retry-After header.

#OWASP #Security #Rate Limiting #OpenAPI

← Back to all Rules