I wrote PHP program with use Marketo REST API in our website's contact form on submit action.
That form is 1-50 conversion when 1 month, so I think REST API call count is 1-50 in 1 month.
And, our sales team configured SalesInsight.
But "Admin > Web Services > API Call Information" show me about 5000-7000 calls in 1day.
Is that influence of SalesInsight?
Solved! Go to Solution.
is the REST API call made on the client or the server?
If it's on the client, it's quite dangerous as it exposes you Marketo API credential to public access and make it possible for anyone to create a DoS attack on your Marketo instance and saturate your API daily quota.
From the client, you should use the Form2.0 API instead.
No, SalesInsight does count against your Marketo API.
oh, I see...,,
REST API call on the server. I think too client side execution is dangerous
Sorry, that form can't use Form API 2.0 because that form put on our made system.
My teammate contact Marketo JP Support then got message.
"I looked API request method name and call count since 06/19 - 07/08."
But I think not use "getActivities" because I'm marketo API admin for our teams and no reason to use "getActivities".
Using the REST API on a client is more than dangerous.
Then you obviously have another system connecting to Marketo. Maybe an ETL? a custom CRM interface? A, e-commerce system?
What CRM are you using?
Really!? I knew only put out form. I didn't know realy FormAPI!
Maybe, our forms can made FormAPI. I want to try in the near future.
We are using Salesforce.com.
Sales team using SF for new/exists customer sales. Marketing team using Marketo for our marketing, promotion, or other.
And I belong to development team for sales/marketing teams.
You must figure out who/what is consuming those calls. If you cannot account for it, it could be a hacker systematically siphoning off your data. I recommend an audit of all your API users (which may mean disabling access and seeing what breaks).
Marketo JP Support says, only 1 user.
Likewise, "API Call Information" show me 1 user.
I think account (or api token/secret) hijacked then more more call api.
5000-7000 calls per daily, not constant.
My program will be used a little calls per daily.
If someone only needs 5000-7000 calls per day to get what they need, that's all they'd use.
I would strongly recommend creating a new user for your use and deleting all other API users. It would freak me out to have an instance using thousands (or even a couple) of unexplained API calls.