Customer is claiming that by using existing user session token they are able to create unlimited number of portal entities.

The current product supports rate limiting for PAPI and public endpoints. However, rate limiting is not available for active user sessions (where users log in using a username and password).

All Supported versions of API Developer Portal.

Product Management has shared that they will consider adding rate limiting support for additional endpoints in a future API Developer portal release in mid to late 2026.