Apigee · Rate Limits

Apigee Rate Limits

Apigee enforces two distinct rate-limit surfaces. (1) Limits on the Apigee management/control-plane APIs (apigee.googleapis.com) used to administer organizations, environments, and proxies — capped at 6,000 calls per minute against the management API. (2) Per-runtime data-plane limits set by the proxies themselves through Apigee's Quota and SpikeArrest policies (SpikeArrest max 4,000 requests per second / 240,000 per minute; Quota policy windows from 1 minute to 1 year). Capacity ceilings (deployed proxies, environments, target servers, KVMs) are enforced per-organization and per-environment.

16 Limits Throttle: 429 Quota: 429
Rate LimitingAPI ManagementGoogle CloudQuotas

Limits

Management API call rate organization
requests_per_minute · minute
6000
Applies to user/UI/SDK calls against apigee.googleapis.com (control plane).
SpikeArrest policy ceiling (per second) proxy/environment
requests_per_second · second
4000
Maximum SpikeArrest rate configurable in a per-second SpikeArrest policy.
SpikeArrest policy ceiling (per minute) proxy/environment
requests_per_minute · minute
240000
Maximum SpikeArrest rate configurable in a per-minute SpikeArrest policy.
Quota policy window api-product
varies
1 minute to 1 year
Quota policies can be configured with a window from 1 minute up to 1 year against any user-defined counter (per app, per developer, per IP, etc.).
Deployed API proxies (per organization) organization
proxies
6000
Apigee X cap; Apigee hybrid is 4,250–6,000 depending on subscription.
Deployed API proxies (per environment) environment
proxies
6000
Apigee X cap.
Environments per organization organization
environments
85
API products per organization organization
api-products
5000
Apps per organization organization
apps
1000000
Developers per organization organization
developers
1000000
Target servers per environment environment
target-servers
1000
KVMs per environment environment
key-value-maps
900
Proxy bundle size proxy
MB
15
Applies to both the bundle and individual resource files.
Buffered request/response size proxy
MB
30
Request URL size proxy
KB
10
Request/response header size proxy
KB
60

Policies

Quota Policy
Configurable per-API-product or per-app counter. Counter persists across the configured window (1m–1y) and triggers 429 on exceed. Distributed counters synced across runtime instances.
SpikeArrest Policy
Smooths bursts by enforcing a rolling per-second / per-minute ceiling. Used for traffic shaping rather than business quota. Triggers 429 on burst.
Concurrent Rate Limit
Concurrent connections cap configurable per environment to protect downstream targets.
Backoff Strategy
Clients should implement exponential backoff with jitter; Apigee surfaces 429s with policy-driven headers when configured.
Capacity Planning
Subscription tier governs ceilings on environments, proxies, and runtime capacity; engage Google Cloud sales to raise tier-bounded limits.

Sources