function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
ChickenOrBeefChickenOrBeef 

Exceeding daily API request limit - need to know source of requests

Hey everyone,

We've been exceeding our daily API requests limit (140,000). I checked the "API Usage - Last 7 Days" report, and it seems that the vast majority of the requests are under my name, but there's no "Client Id" associated with them. So I have no idea where they're coming from.

Is there any way to identify the source of those requests?

Thanks,
Greg
Best Answer chosen by ChickenOrBeef
Andy BoettcherAndy Boettcher
The "LoginHistory" object should get you what you need:

SELECT ApiType,ApiVersion,Application,AuthenticationServiceId,Browser,ClientVersion,Id,LoginGeoId,LoginTime,LoginType,LoginUrl,NetworkId,Platform,SourceIp,Status,UserId FROM LoginHistory WHERE UserId = <YourId>

-Andy

All Answers

Andy BoettcherAndy Boettcher
The "LoginHistory" object should get you what you need:

SELECT ApiType,ApiVersion,Application,AuthenticationServiceId,Browser,ClientVersion,Id,LoginGeoId,LoginTime,LoginType,LoginUrl,NetworkId,Platform,SourceIp,Status,UserId FROM LoginHistory WHERE UserId = <YourId>

-Andy
This was selected as the best answer
ChickenOrBeefChickenOrBeef
Hey Andy,

I should execute that code in Execute Anonymous?

-Greg
Andy BoettcherAndy Boettcher
You can just use the Query Editor in Developer Console, but you'll need to get your UserId.

User-added image
ChickenOrBeefChickenOrBeef
Thanks Andy. But now I'm even more confused lol. When I look at my login history, the vast majority of the logins are under the application "DocuSign/Connect/", but when I look at the API Usage - Last 7 Days report for today, it says only about 100 requests have a Client Id of "DocuSign/Connect/", whereas most of them (about 60,000) are under my name with no Client Id.

Any idea why there's a difference there?

Thanks for all the help so far.
-Greg
Andy BoettcherAndy Boettcher
Hmmm - that is a weird one.

Well, there is always the "nuclear option" - changing your password and security token, then stepping through the applications that SHOULD have access and reconnecting?
ChickenOrBeefChickenOrBeef
It looks like a good chunk of requests are actually coming from one of our new hires who's using an app called EasilyDo (that's according to his login history, since the API Usage report has a blank Client Id for him as well). Most of the requests are under my name, but I didn't notice there's a bug chunk attributed to him. That's probably what's pushing us over the limit. So once we have him disconnect EasilyDo, we should be OK for now.

Thanks for the help, Andy!
Andy BoettcherAndy Boettcher
As an aside - if that application is worthwhile, buying additional API bands is CHEAP.  Check with your AE.