# Overview

#### Throttling mechanisms are commonly used by cloud service providers to prevent API overloads. In the context of data protection, throttling can lead to task interruptions or significantly extended execution times. GitProtect minimizes this risk through an advanced system of credential rotation and dynamic exchange.

***

## Throttling prevention mechanism <a href="#preparing_personal_access_token" id="preparing_personal_access_token"></a>

**GitProtect** implements a credential management system that optimizes API limit usage by distributing requests across multiple accounts or access tokens. This process occurs automatically on two levels.

### <mark style="background-color:blue;">Credential rotation</mark>

Every task (backup or restore) launched in the system is assigned credentials from an available pool. The system applies a rotation principle, meaning that subsequent tasks use different authentication data (e.g., **task A** uses credential **a**, **task B** uses credential **b**, and so on). This ensures that API limits are used evenly, significantly reducing the likelihood of being blocked.

### <mark style="background-color:blue;">Dynamic credential exchange</mark>

If throttling occurs during an active task, the **Management Service** takes the following steps:

* **Available additional credentials** — if other credentials are available in the pool, **Management Service** sends new credentials to the worker. The task continues without interrupting the operation.
* **No additional credentials available** — if the credential pool is exhausted, **Management Service** informs the worker that no more credentials are available. The task is then suspended and marked as **Throttled**, **waiting for the limits to reset**.

{% hint style="success" %}
In the task summary within the **GitProtect** panel, you can review the list of all credentials used to perform the operation and check the specific time periods when throttling occurred.
{% endhint %}

***

## Important recovery requirements

For the credential exchange mechanism to function correctly during operations, specific permission requirements must be met:

* [x] **Location access** — additional credentials must have write permissions for the target recovery location.
* [x] **Restoring to an organization** — for platforms such as **GitHub**, **GitLab**, or **Bitbucket**, additional credentials function only when data is being restored to an organization that those accounts have access to.
* [x] **Restoring to a user account** — if you are restoring data directly to a specific user's account (rather than an organization), additional credentials will be ignored. This is due to security policies — other users typically cannot create resources under another user’s personal profile.