How to limit the number of records per one REST inbound call

Chaiatnya
Tera Contributor

Hi all, I wanted to limit the number of records to limit to 1000 when REST inbound API is called. Can someone help

4 REPLIES 4

Mohith Devatte
Tera Sage
Tera Sage

Hello @Chaiatnya There is a table called "Rate Limit Rules" in service now .

 

Navigate t rate limit rules and change your API limit 

Screenshot 2023-08-31 at 15.50.12.png

 

Hope this helps 

Mark the answer correct if this helps you 

Thanks

Chaiatnya
Tera Contributor

Hello @Mohith Devatte, using rate limit rules we can restrict number of calls, but not number of records per call. I'm looking to restrict number of records to limit

@Chaiatnya then i think it depends on the API which you are calling .

If its a third party tool , you need to know a query parameter which you need to pass in order to limit the number of records in one payload

Thanks

@Chaiatnya do you have any specific requirement like inbound get call for CMDB or Incident etc which have high volume of data? In OOB we have only rate limit which restrict based on hour/duration based on user role. Also you can explore Scripted Rest APIs which would need some scripting and it provides scripted API end points which can be consumed by the external subscribers you have lot flexibility here to customize on the API response and set limits.

 

In OOB by default it provides 10K records if no limits set, best practice is to set offset and limit and batch the  request calls

 

To do so, you can make use of the parameters

 

- sysparm_limit: to define how many records you get in one call (10000 by default)

- sysparm_offset: to define the records to exclude from the query

 

The first call would be something like

/api/now/table/incident?sysparm_limit=1000&sysparm_offset=0

the next one

/api/now/table/incident?sysparm_limit=10000&sysparm_offset=1000

/api/now/table/incident?sysparm_limit=10000&sysparm_offset=2000

 

It dose not restrict user if the increase limit but it can be monitored in the transaction logs, so this should be educated and agreed with all the Integrating tools and design their API calls with limit offset batches of 1000. Also, if there are repeated offenders their API access can be revoked after warning so this should go in the Integration design document and approval with all the stakeholders and Standard Operating Procedure to either monitor Transaction log or Rate limit. 

 

If my response helps to solve your issue. Kindly mark it as helpful & correct.