# /sys/quotas/config

The `/sys/quotas/config` endpoint is used to configure rate limit quotas.

### Create or update the rate limit configuration

| Method | Path                 |
| ------ | -------------------- |
| `POST` | `/sys/quotas/config` |

#### Parameters

* `rate_limit_exempt_paths` `([]string: [])` - Specifies the list of exempt paths from all rate limit quotas. If empty no paths will be exempt.
* `enable_rate_limit_audit_logging` `(bool: false)` - If set, starts audit logging of requests that get rejected due to rate limit quota rule violations.
* `enable_rate_limit_response_headers` `(bool: false)` - If set, additional rate limit quota HTTP headers will be added to responses. These include:
  * `Retry-After`: If the request is blocked due to rate limiting, this will be a suggested time, in seconds, to wait before retry after. The time suggested will be the amount of time in seconds remaining before the rate limit quota applicable to this request is reset. Identical to the `X-Ratelimit-Reset` header.
  * `X-Ratelimit-Limit`: The limit of the rate limit quota applicable to this request.
  * `X-Ratelimit-Remaining`: The remaining requests in the current interval for the rate limit quota applicable to this request.
  * `X-Ratelimit-Reset` The amount of time in seconds remaining before the rate limit quota applicable to this request is reset. Identical to the `Retry-After` header.

#### Sample payload

```json
{
  "rate_limit_exempt_paths": [
    "sys/internal/ui/mounts",
    "sys/generate-recovery-token/attempt",
    "sys/generate-recovery-token/update",
    "sys/generate-root/attempt",
    "sys/generate-root/update",
    "sys/health",
    "sys/seal-status",
    "sys/unseal"
  ],
  "enable_rate_limit_audit_logging": true,
  "enable_rate_limit_response_headers": true
}
```

#### Sample request

```shell-session
$ curl \
    --request POST \
    --header "X-Vault-Token: ..." \
    --data @payload.json \
    http://127.0.0.1:8200/v1/sys/quotas/config
```

### Get the rate limit configuration

| Method | Path                 |
| ------ | -------------------- |
| `GET`  | `/sys/quotas/config` |

#### Sample request

```shell-session
$ curl \
    --request GET \
    --header "X-Vault-Token: ..." \
    http://127.0.0.1:8200/v1/sys/quotas/config
```

#### Sample response

```json
{
  "request_id": "259801bd-a0c9-9350-8eb9-26c91afd19c6",
  "lease_id": "",
  "lease_duration": 0,
  "renewable": false,
  "data": {
    "enable_rate_limit_audit_logging": false,
    "enable_rate_limit_response_headers": false,
    "rate_limit_exempt_paths": [
      "sys/internal/ui/mounts",
      "sys/generate-recovery-token/attempt",
      "sys/generate-recovery-token/update",
      "sys/generate-root/attempt",
      "sys/generate-root/update",
      "sys/health",
      "sys/seal-status",
      "sys/unseal"
    ]
  },
  "warnings": null
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.enclaive.cloud/vault/api/system-backend/sys-quotas-config.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.