need some help troubleshooting rate limiting on the auth endpoint. running jmeter scripts to validate token refresh capacity for a scaled deployment. hitting 429 too many requests on https://api.mypurecloud.com/oauth2/token when ramping concurrent users past 500. the error body returns retry-after: 1. this seems aggressive for a load test environment. the docs mention organizational limits but do not specify if auth is throttled separately from standard api calls. we are using the standard client credentials flow. is there a way to increase the burst capacity for token generation? or is this a hard limit per org? the test is running from us-east-1. also seeing some latency spikes on the websocket connections right after the auth failures. not sure if related. any insights on configuring higher throughput for auth? currently using jmeter 5.6.2 with http sampler.
The root cause here is the OAuth service enforcing strict rate limits on token issuance to prevent credential stuffing. The Retry-After: 1 header indicates a one-second cooldown per request, so implementing exponential backoff in your load test script is required to stabilize the ramp.