API Response Times for Authentication and Management APIs

Last Updated: Nov 11, 2024

Overview

This article clarifies whether API response times for authentication and management APIs are documented and part of the SLA.

Applies To

  • Management API

Solution

The SLA covers availability but not the response times (see this document for reference).

For Private Cloud Customers

There are periodic internal tests for each private cloud release to detect regressions. Still, the results from these tests may not give the proper indication of what might be observed as the latency has many contributing factors that may be different in the setup. E.g.,

  1. The customization in the tenant, like the rules/hooks/actions and custom DB login scripts.
  2. The hosted page code and scripts.
  3. The used authentication flow.
  4. The number of users in the tenant.
  5. The applied load.
  6. The network latency between the test environment and the Auth0 servers.
  7. The private cloud type (Basic, Performance, Performance Plus)

As a better idea, perform a load test, and if any unacceptably long delays are noticed, we can investigate how to improve it.

A process is in place to perform a load test. This is the related public documentation. For private cloud customers, the tests are approved quickly. Still, we require the same information to be shared before testing.

For Enterprise Public Cloud Customer

There are periodic internal tests to detect regressions. Still, the results from these tests may not give the proper indication of what might be observed as the latency has many contributing factors that may be different in the setup. E.g.,

  1. The customization in the tenant, like the rules/hooks/actions and custom DB login scripts.
  2. The hosted page code and scripts.
  3. The used authentication flow.
  4. The number of users in the tenant.
  5. The applied load.
  6. The network latency between the test environment and the Auth0 servers.

As a better idea, perform a load test, and if any unacceptably long delays are noticed, we can investigate how to improve it. A process is in place to perform a load test and this is the related documentation.

For Low Paid Public Cloud Customers

There are periodic internal tests for each to detect regressions. Still, the results from these tests may not give the proper indication of what might be observed as the latency has many contributing factors that may be different in the setup. E.g.,

  1. The customization in the tenant, like the rules/hooks/actions and custom DB login scripts.
  2. The hosted page code and scripts.
  3. The used authentication flow.
  4. The number of users in the tenant.
  5. The applied load.
  6. The network latency between the test environment and the Auth0 servers.

A load test could help to find the average latency. We allow load testing for our enterprise customers. If it is an option to upgrade the plan to Enterprise, perform a load test. The detailed load test policy is available here.