Flows/Actions

Check Rate Limit

Note

The Check Rate Limit Action is only available to Growth and Enterprise license holders.

The Check Rate Limit action in the flow is used when you wish to rate filter and block various values to protect parts of your flow.

The action form allows you to enter a step name, a rate limit key, a threshold for attempts per minute, and custom error messages.

The rate limiting configuration is applied across all flow executions in your flow and is used to prevent:

  1. Brute-force abuse (several quick login attempts)
  2. Email spam (flooding legitimate users with emails)
  3. User enumeration (detecting which emails are registered)
  4. Bots (JA4/IP fingerprinting)

Here's a guide to rate limiting with Descope.

Check Rate Action

The rate limit key can either be IP, ASN, or JA4.

Rate Limit Key

It is also possible to configure error handling for the action. Handling can either be automatic, custom, or ignored.

Rate Limit Error Handling

Was this helpful?

Link User Identities Across Different Auth Methods

Learn how to associate multiple login IDs for different authentication methods in your Descope flows.

Reset Form

When you're designing a flow and need to reset all of the previous user inputs you can use this action to do so.

On this page