API limits

Limitations of how the Acoustic Campaign APIs can be used

Acoustic Campaign has a robust API that handles the automation of most actions available through the Acoustic Campaign UI, such as adding new contacts or sending email campaigns. However, we place limits on the way our customers use our APIs to ensure that we provide the highest level of service and performance to all of our customers.

Concurrent requests and active sessions: what to expect

By default, up to 10 concurrent requests are allowed to our API servers at any given time when using the OAuth method for authentication. OAuth access tokens allow calls to re-use existing tokens if they are still valid (within the 4-hour expiration window) so that a new token does not have to be generated with every call if an existing one is still valid. This will allow multiple mobile users to access data over a single token for example, when there are many simultaneous calls from a mobile app.

If necessary, we recommend that you obtain a new access token every 3 hours to avoid the likelihood of losing access to the API.

Concurrent requests are not equal to access tokens. An example of concurrent requests would be hitting Acoustic’s servers with 99 RawRecipient calls at the same time and we won’t allow it. Once you get a response back from our servers, that single concurrent request is over and you’re back to being allowed 10. We will reject any request that needs to make use of an >= 11th request thread; we do not ‘hold’ the request and retry when a thread becomes available. This concurrency limit is per organization, not user, list, API request type, etc.

For mobile app use cases, if needed as multiple app users could perform an action in an app and hit our servers concurrently, you can make a request through the Client Support Team to raise the limit of concurrent requests.

Note: The maximum API Concurrent Authenticated Requests feature setting is set to 10 for Organizations and there is a per organization limit.

API users of the legacy authentication (see more in the section on “Legacy Authentication Method”) must maintain no more than 20 active login sessions per Org at any time. To optimize the use of active sessions, make sure that your application uses the Logout API to release an active session when you are finished interacting with the API. This prevents lingering sessions that are no longer in use from blocking the creation of new active sessions. Inactive sessions that are not terminated properly with the Logout API can remain active for several minutes. All users of the Acoustic Campaign XML API are strongly encouraged to use OAuth 2.0 authentication. This token-based authentication model is much more flexible by allowing for the reuse of access tokens and eliminating the need to generate a high number of unique and active sessions.