Enhancing Reliability and Security for Your Tenants
If you are a Basis Theory platform user, action is most likely required for your Production Tenant.
What has Changed?
We have updated our Rate Limits to better align with the specific workloads our customers are running. Here’s how we’re enhancing reliability and security:
- Test Tenants now have specific Rate Limits to prevent test environments from impacting production stability.
- Each type of Application now has specific rate limits to optimize performance and security:
- Private Applications have higher limits based on API Key or IP address to support increased usage.
- Public Applications have lower limits per IP to reduce the risk of abuse.
- Management Applications have lower per API Key limits to enhance security and prevent misuse.
- Whitelabel and Unauthenticated Proxies now have specific rate limits to safeguard against unauthorized access.
Why has this changed?
In the past three months, we have implemented numerous performance and usability enhancements to boost visibility and reliability for our customers. During this process, we evaluated how organizations use our platform and identified key areas that need to scale and perform better. We discovered that our current Rate Limits were insufficient to support the growth we are witnessing among our customers. Therefore, we are introducing new, more adaptable rate limits to ensure reliability, scalability, and security across all tenant types.
What do you need to do?
Production Tenants
- Private Applications
- Rotate Private API keys to the new format to maintain your existing Rate Limits and ensure continued scalability and reliability.
- Public and Management Applications
- Rotating these keys is recommended but optional. Our analysis indicates no reduction in service for active customers.
- Whitelabel Proxies
- No action is required for these tenants.
Test Tenants
No changes are required for Test Tenants. If you need a higher rate limit for these tenants, please contact support@basistheory.com or your account representative.
When will this go into effect?
July 16th, 2024
FAQ
- How can you know if the API Key falls into the new Default Rate Limits?
- Legacy API keys are marked with a Rate Limit of Legacy in the Portal.
- API Keys under the new Default Rate Limits are marked with Default.
- How will this affect Public API Keys used in Web and Mobile apps?
- There should be no effect on any Web or Mobile applications. The rate limit is lower but still based on IP address.
- Can I get a higher Rate Limit if required?
- Yes, please contact your Account team or respond to this email if you believe you need a higher limit.
- How were these new Rate Limits determined?
- After monitoring traffic and usage over the past 18 months, we found these limits better serve our customers’ use cases, risk profiles, and growth needs than our existing limits.
- Will you notify me if I’m still using a Legacy key?
- We will monitor Production Tenants using Legacy API Keys and periodically notify you until July 16th, 2024.
- How can I rotate my keys safely with Terraform?
- You’ll need to upgrade from
v1tov2of the Basis Theory Terraform Provider, you can find documentation on how to migrate to fully terraform managed API Keys here.
- You’ll need to upgrade from
-Dec-13-2022-06-27-12-2630-PM.png?width=50&name=62507e98e39fbe12913a3198_nathan-loading%20(1)-Dec-13-2022-06-27-12-2630-PM.png)
