Authentication API Endpoint Rate Limits?

What about doing something similar to

If you are using a reverse proxy with this capability, that’s an easy way to do rate limiting. For example, we use nginx, and have rate limits set on a per endpoint basis.

Might prefer to have a rate limit based on client_id (not on a network criteria)

For the auth endpoints, client_id is in the query.

1 Like

For client_credentials flow it is into the body… not really convenient
Our reverse proxy is Traefik