API Login Limit Error for REST API Calls with Access Token


Hello Friends,

I’m new to Acumatica and I’m trying to integrate with Acumatica using Contract based REST APIs using OAuth. We have a L1 tier license.

I generate the OAuth Access Token first, and then reuse it to call Acumatica APIs. But I often run into “API Login Limit” errors when I try to create Invoices through APIs. I’m confused because I’m not really trying to login and just trying to create Invoices and read customers.  And since I’m using OAuth, I only login once and generate an access token, and use it in all subsequent calls.

[PXException: API Login Limit]
PX.LicensePolicy.PXLicensePolicy.CheckApiUsersLimits() +2479
PX.Web.PXApplication.Application_PostAcquireRequestState(Object sender, EventArgs e) +9
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +223
System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +220
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +94

 

Can you please help me understand why I’m getting this error and how can I fix this?

Thanks.


11 replies

Userlevel 7
Badge +17

Hi @paramesh,

After login through the API and once the process is finished are you calling the Logout method as well? If NOT please add logout as well.

Also, can you please verify “Maximum Number of Web Services API Requests per Minute:” in the License Monitoring Console screen? Please find the screenshot for reference.

 

 

Thank you for your help, @Naveen B . 

Do we need to call logout for OAuth as well? I thought it’s required only for screen based APIs. 

For OAuth, I just generate one access token for an entire hour and use it over several API calls (all within limit). 

 

We are in Large Tier 1, and we are not hitting the limit. But, I’m also surprised we have only 150 API requests per minute when compared to your screenshot. Can you please let me know how to adjust the limit? 

 

Userlevel 7
Badge +17

Yes @paramesh 

Yes, we need to use the logout call as well as part best practise. Please find the screenshot for reference from Acumatica blog.

We can not adjust license parameter values, if any changes required in this we need contact Acumatica support team. But, I don’t think you are making 150 API callls with in 1 minute.

Better raise a support ticket with Acumatica on this issue.
 

 

Userlevel 7
Badge +17

@paramesh  There may be a chance of getting API Login Limit error in the below scenario.

-- You logged in to the Acumatica instance using REST API and then the process started executing, assume this process is still in progress and you're trying to make the same API call in the middle 1st API call process, then the process breaks and will provide you the API Login Limit error.

 

Please check if this scenario is applicable to you.

Thank you very much for your help, Naveen. 

 

It does seem odd that we have to call logout even for OAuth, since the Access Token is valid for 60 minutes, and we are reusing the same token between multiple API calls, without having to store cookies or authorize repeatedly. 

 

Your second point seems interesting though, concurrent calls are definitely a possibility. - I thought we can have 6 concurrent requests to Acumatica (based on our license).

 

I’ll raise a ticket with Acumatica Dev Support to see what they have to say. 

Userlevel 7
Badge +17

@paramesh  Yes, the system will allow the 6 concurrent API requests, but there may be a chance that the system trying to invoke the 7th API call, before finishing the other processes.


Sure, please share the info here once you got the response/Solution here.

 

@paramesh It would also be worth checking the Users screen for the account you are trying to authenticate with, for the max Number of allowed sessions.

 

You can try adjusting this value

Thanks @bahaazantout83, good point, we’ve already set the Allowed number of sessions as 25 and we still somehow get this error. Will update this post once I get answers from Acumatica support.

The weird part is, there is no logout for OAuth Rest API calls. There is identity/connect/token to generate the token, and there is no logout API at all. - https://www.acumatica.com/media/2020/02/AcumaticaERP_IntegrationDevelopmentGuide.pdf

For anyone facing the same issue in future: If you’re using OAuth API with scope “api:concurrent_access”, Acumatica will use a Session Cookie for concurrent user tracking. So if we’re calling the API again for the same user, we will have to pass the cookie again, if not Acumatica will consider the new API request as a new user, and it will count towards the limits.


We solved the issue by passing the cookies back for API requests if it’s from the same user.

Paramesh, thanks for the update.

Reply


About Acumatica ERP system
Acumatica Cloud ERP provides the best business management solution for transforming your company to thrive in the new digital economy. Built on a future-proof platform with open architecture for rapid integrations, scalability, and ease of use, Acumatica delivers unparalleled value to small and midmarket organizations. Connected Business. Delivered.
© 2008 — 2024  Acumatica, Inc. All rights reserved