How does Rencore Governance handle throttling by Microsoft 365?

What is throttling?

Microsoft 365 uses throttling to maintain optimal performance and reliability of the service. Throttling limits the number of user or application requests or concurrent calls (by script or code) to prevent the overuse of resources.

That said, it is rare as a user to get throttled by Microsoft 365. The service is robust, and it is designed to handle high volume.

For an application like Rencore Governance or any other 3rd party application that performs a larger amount of requests, throttling can occur if not handled properly. 

How throttling happens

Common throttling scenarios

The most common causes of throttling of clients include:

  • A large number of requests across all applications in a tenant.
  • A large number of requests from a particular application across all tenants.

What happens when throttling occurs?

When a throttling threshold is exceeded, Microsoft 365 limits any further requests from that client/application for a period of time. When throttling occurs, Microsoft 365 returns the HTTP status code 429 (Too many requests), and the requests fail.

Microsoft Graph

"When a throttling threshold is exceeded, Microsoft Graph limits any further requests from that client for a period of time." (Microsoft)

Microsoft SharePoint

"When a user runs CSOM or REST code that exceeds usage limits, SharePoint Online throttles any further request from the user for a period of time." (Microsoft) 

A suggested wait time is returned in the response header of the failed request. Throttling behavior can depend on the type and number of requests. For example, if the application has a high volume of requests, all requests types are throttled. Threshold limits vary based on the request type. Therefore, you could encounter a scenario where writes are throttled but reads are still permitted.

How does Rencore Governance avoid throttling?

Rencore Governance is developed to work within the throttling limits by Microsoft. It reduces the load on the tenant by adjusting scan frequency, speed, and volume to remain below the limits. 

Rencore uses a continuous scanning approach and also differs between full and incremental scans
  • Scans are running "silently" during the day, with a low amount of requests per second. Rencore does not "hammer" the tenant to get the data as quickly as possible.
  • Rencore keeps a steady request load to avoid peaks that may be flagged by Microsoft 365.
  • Rencore strictly follow the throttling guidance: when, despite all measures, the applications receives a throttling response (i.e. The overall application limits for all applications has been reached, Rencore stops the scanning completely for the returned period of time and even waits a bit longer for Microsoft 365 to recover)

    Scanning will only be paused and resumed after the throttling has been lifted, so no already scanned data will be lost.

The result is, that neither your Microsoft 365 tenant, your users, or Rencore Governance are affected in its operation. Only the data in Rencore Governance might take longer to be up to date. 

Rencore's approach has been successfully tested with very large Microsoft 365 tenants (100k+ users) and has seen throttling only happen in rare cases when retrieving:

  • file metadata from very large libraries in SharePoint.
  • file metadata from very large drives in OneDrive.
  • audit log information Azure AD.

If any of those entities are not relevant for the customer to be retrieved, they can also individually be disabled to further reduce the risk of throttling. 

Resources