Please tell me how to solve '429 - Too many requests'.

SOLVED
Gwangjin
Here to help

Please tell me how to solve '429 - Too many requests'.

Hi,

I was collecting client information periodically using 'Get Network Clients'.

But suddenly, 'Too Many Requests' started to happen.

 

too_many_requests.png

 

So I stopped all API calls and waited.

But it's been 3 hours and 'Too Many Requests' are still happening.

Even though there's only one API call.

 

What do I have to do to release that condition?

Let me know if anyone knows.

 

regards Gwangjin

1 ACCEPTED SOLUTION

There is a concurrency limit of 10 concurrent requests per IP.

It sounds like you are not the only one who is calling the same Meraki organization probably with a automation script. 

 

Try to use the below endpoints to investigate.

 

Use 'getOrganizationApiRequestsOverview' to get an overview of API summary during a given timespan. Here is an example.

 

{
"responseCodeCounts": {
"200": 50000,
"201": 4000,
"204": 1000,
"400": 3500,
"404": 1500,
"429": 10000
}
}

 

Use 'getOrganizationApiRequests' to analyze details on what are those API calls, who is calling them from which IP.  Below is an example of the output. You might need to create a script to analyze the output as there are tens of thousands of items in case of API being misused.

 

[
{
"adminId": "212406",
"method": "GET",
"host": "api.meraki.com",
"path": "/api/v0/organizations/33349/apiRequests",
"queryString": "timespan=604800",
"userAgent": "PostmanRuntime/7.6.0",
"ts": "2019-02-20T17:31:23Z",
"responseCode": 200,
"sourceIp": "123.123.123.1"
}
]

 

Once you identify the suspect admin ID, use 'getOrganizationAdmins' to get the email identity.

 

 

View solution in original post

9 REPLIES 9
Inderdeep
Kind of a big deal
Kind of a big deal

@Gwangjin : Check this document 

https://developer.cisco.com/meraki/api/#!rate-limit

 

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
rhbirkelund
Kind of a big deal

This is what I use..

 

The hardcoded status_code = 201, is only declared for testing purposes and its just "faking" a succesful POST towards the API.. Remove it, and uncomment the actual request().

...
                 for _ in range(MAX_RETRIES):
                    try:
                        resp.status_code = 201
                        # r = requests.request(
                        #         'POST',
                        #         url,
                        #         headers = headers,
                        #         data = payload
                        # )
                        if resp.status_code == 201:
                            if index < len(p_sitelist)-1:
                                LOGGER.info(f"[ Create Networks ]: Network {site['Network']} created successfully! On to Next..")
                                #print(f"Network {site['Network']} created successfully! On to Next..\n")
                                break
                            else:
                                LOGGER.info(f"[ Create Networks ]: No more networks to create.")
                                #print("No more networks to create.")
                                return              
                        elif resp.status_code == 429:
                            LOGGER.warning(f'[ Create Networks ]: Rate limited - Retrying after {r.headers["Retry-After"]}.')
                            #print(f'Rate limited - Retrying after {resp.headers["Retry-After"]}.')
                            time.sleep(int(resp.headers['Retry-After']))
                            continue
                        else:
                            LOGGER.critical(f'[ Create Networks ]: Unexpected status code: {r.status_code} returned from server.\n Msg: {r.text}')
                            raise SystemExit(f'Unexpected status code: {r.status_code} returned from server.\n Msg: {r.text}')
                    except Exception as e:
                        LOGGER.error("[ Create Networks ]: Unknown error..")
                        LOGGER.exception(e)
                        #pprint(e)
                        return ""

 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
PhilipDAth
Kind of a big deal
Kind of a big deal

Note that if you use the Python SDK it automatically retries on a 429 for you.

https://developer.cisco.com/meraki/api-v1/ 

Gwangjin
Here to help

I found out something new during the test.

 

In the company, "Too Many Requests" occurs when the Meraki Dashboard API is called.

 

429.png

 

But it's normal(status code : 200) to call the same API at home.

success.png

 

I think it's a restriction by IP.

 

Please let me know if you know what to do.

 

 

 

* PS : We can't change the company's IP.

There is a concurrency limit of 10 concurrent requests per IP.

It sounds like you are not the only one who is calling the same Meraki organization probably with a automation script. 

 

Try to use the below endpoints to investigate.

 

Use 'getOrganizationApiRequestsOverview' to get an overview of API summary during a given timespan. Here is an example.

 

{
"responseCodeCounts": {
"200": 50000,
"201": 4000,
"204": 1000,
"400": 3500,
"404": 1500,
"429": 10000
}
}

 

Use 'getOrganizationApiRequests' to analyze details on what are those API calls, who is calling them from which IP.  Below is an example of the output. You might need to create a script to analyze the output as there are tens of thousands of items in case of API being misused.

 

[
{
"adminId": "212406",
"method": "GET",
"host": "api.meraki.com",
"path": "/api/v0/organizations/33349/apiRequests",
"queryString": "timespan=604800",
"userAgent": "PostmanRuntime/7.6.0",
"ts": "2019-02-20T17:31:23Z",
"responseCode": 200,
"sourceIp": "123.123.123.1"
}
]

 

Once you identify the suspect admin ID, use 'getOrganizationAdmins' to get the email identity.

 

 

ShawnHu, thank you for your response.

 

 

First of all, I have something to say for sure.

  1) No one calls the Meraki Dashboard API.

  2) '429 - Too many requests' only occur in the company.

 

Two days later, '429 - Too Many Requests' are still occurring.

 

How can I solve this problem?

 

Again, no one is calling the Meraki Dashboard API.

 

 

regards Gwangjin

 

 

PhilipDAth
Kind of a big deal
Kind of a big deal

Are you sure something in your code, perhaps somewhere else, is not in a tight loop making repeated API calls in succession?

 

If you chance to using the Python SDK this issue is likely to go away.  Or at a minimum, you'll be able to enable a trace of the calls to see if you are making lots of calls close together.

PhilipDAth
Kind of a big deal
Kind of a big deal

@John-K , another one.

I'd check your actual API usage. How many other users (or applications) have API keys? You have to share the budget with those other folks in the same org. Even if your usage hasn't changed, there are likely others using API more, thus competing with your usage.

 

In the API docs, check Organizations > Monitor > API Requests for the two endpoints that give you this info.

Get notified when there are additional replies to this discussion.