mitchos/pyZscaler

[BUG]: Rate limited when trying to list users in mobile admin portal for a tenant with 30,000+ users

Closed this issue · 3 comments

Describe the bug

Using the pyZscaler Mobile Admin API, we are getting Rate Limited when trying to list users in the Mobile Admin Portal (when athere are 30,000+ users). The API works perfectly when there are <100 users in the Mobile Admin Portal.

To reproduce:

`#!/usr/bin/env python3

from pyzscaler import ZCC
from pprint import pprint

print("\nListing ZCC devices for zscaler.net tenant...")
zcc = ZCC(client_id='XXXXXX', client_secret='XXXXXXXXXXX', company_id='zscaler.net-XXXXXXX')
for device in zcc.devices.list_devices():
user = device.user
registration_state = device.registration_state
print ("User:",user,"Device State:",registration_state)`

This script above results in the following errors, this issue is 100% reproducible:
[429: GET] https: //api-mobile.zscaler.net/papi/public/v1/getDevices?page=201 body=b'
[429: GET] https://api-mobile.zscaler.net/papi/public/vl/getDevices?page=201 body=b'
[429: GET] https://api-mobile.zscaler.net/papi/public/vl/getDevices?page=201 body=b'
[429: GET] https://api-mobile.zscaler.net/papi/public/vl/getDevices?page=201 body=b'

To Reproduce
Steps to reproduce the behavior:

  1. Run the example script shown above on a tenant with 30,000+ registered users in the ZCC Mobile Admin Portal.

Expected behavior

Expected behavior is to be able to list all users within the ZCC Mobile Admin Portal, it works properly for small numbers (<100) but tenants with 30,000+ users we are being rate limited.

I faced it in my past issue, when Zscaler vendor was resetting connections on random higher page returned..

It helped me to set page_size parameter to something bigger (default is 30). I think now I am using 500 (999 is also working) and it solved also my performance issues. You should try this.

It might be a good idea to increase this parameter to bigger value.

#207 (comment)

Hello, thank you for your response, I will update this thread if/when I am able to test this parameter as part of the zcc instantiation, page_size=999 with >=30,000 users.

This is outside the scope of pyZscaler as this is the documented behaviour of the ZCC API as per Understanding Rate Limiting in Zscaler's help docs.

As identified, there's an undocumented capability of requesting more devices per page by increasing the page_size argument. I'm reluctant to change the default behaviour of pyZscaler here without more usage data. As a compromise I'll make a note to update the documentation for the next release.

Downloading bulk device information is safely handled via the zcc.devices.download_devices() method.

If you believe this should be changed then I would recommend an ER (enhancement request) via your Zscaler account team.