aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: Revise HTTP header documentation (#4637)

Browse Source 
* docs: Revise HTTP header documentation

* docs: Define new header

* docs: Revise definition

* docs: Update if header is not provided
pull/4756/head
Dan Heath 2 years ago committed by GitHub
parent 649804d950
commit 49afe51445
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File

13
website/content/docs/api-clients/api/index.mdx
Unescape View File

@ -82,6 +82,19 @@ The following method conventions are used within Boundary's API:
`DELETE` is used for deleting a specific resource, and is only used against a particular resource path.
## HTTP headers
Clients that make requests to the controller API can inspect HTTP response headers to understand the configured limits and current usage.
Responses may contain the following headers:
- `RateLimit` - Provides the current limit, number of remaining requests, and the time at which the quota will reset for the limit that is closest to being exhausted for the requested resource and action.
- `RateLimit-Policy` - Describes the limits for the requested resource and action.
- `X-Correlation-ID` - Identifies a transaction over a series of requests and responses.
The `X-Correlation-ID` header is a universally unique identifier (UUIDv4).
If you provide an `X-Correlation-ID` header in an HTTP request, Boundary logs that value for all audit events related to the request.
It then uses that value as the header when it makes related requests to an external system, such as Vault, so that you can correlate the event between the product logs.
If you do not provide an `X-Correlation-ID` header, Boundary generates a unique value for each incoming request.
## Manage system resources
If your controllers try to process every API request, they may either run out of resources or overwhelm the database server.

11
website/content/docs/api-clients/api/rate-limiting.mdx
Unescape View File

@ -41,17 +41,16 @@ The default limits for all other actions are:
You can override the default settings and configure other specific limitations using the `api_rate_limit` stanza in the controller configuration.
## HTTP headers
## Rate limiting HTTP headers
Clients that make requests to the controller API can inspect HTTP response headers to understand the configured limits and current usage.
Each response contains the following headers:
Each response contains the `RateLimit` and `RateLimit-Policy` headers.
- `RateLimit` - Provides the current limit, number of remaining requests, and the time at which the quota will reset for the limit that is closest to being exhausted for the requested resource and action.
- `RateLimit-Policy` - Describes the limits for the requested resource and action.
If the request is limited, Boundary sends the client a 429 HTTP status code with a `Retry-After` header.
If the request is rate limited, Boundary sends the client a 429 HTTP status code with a `Retry-After` header.
The `Retry-After` header contains the number of seconds the client should wait before it sends the request again.
For more information, refer to [HTTP headers](/boundary/docs/api-clients/api#http-headers).
## More information
Refer to the [controller stanza](/boundary/docs/configuration/controller#api_rate_limit) documentation for the specific `api_rate_limit` configuration options.

Write Preview
Loading…
Cancel
Save