cortexproject
diff --git a/‎.github/workflows/test-build-deploy.yml‎
Lines changed: 6 additions & 0 deletions b/‎.github/workflows/test-build-deploy.yml‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎docs/api/_index.md‎
Lines changed: 61 additions & 0 deletions b/‎docs/api/_index.md‎
Lines changed: 61 additions & 0 deletions
diff --git a/‎docs/configuration/v1-guarantees.md‎
Lines changed: 2 additions & 0 deletions b/‎docs/configuration/v1-guarantees.md‎
Lines changed: 2 additions & 0 deletions
@@ -189,6 +189,9 @@ jobs:
           - runner: ubuntu-24.04
             arch: amd64
             tags: integration_memberlist
+          - runner: ubuntu-24.04
+            arch: amd64
+            tags: integration_overrides
           - runner: ubuntu-24.04
             arch: amd64
             tags: integration_querier
@@ -213,6 +216,9 @@ jobs:
           - runner: ubuntu-24.04-arm
             arch: arm64
             tags: integration_memberlist
+          - runner: ubuntu-24.04
+            arch: arm64
+            tags: integration_overrides
           - runner: ubuntu-24.04-arm
             arch: arm64
             tags: integration_ruler
 
@@ -67,6 +67,9 @@ For the sake of clarity, in this document we have grouped API endpoints by servi
 | [Delete Alertmanager configuration](#delete-alertmanager-configuration) | Alertmanager || `DELETE /api/v1/alerts` |
 | [Tenant delete request](#tenant-delete-request) | Purger || `POST /purger/delete_tenant` |
 | [Tenant delete status](#tenant-delete-status) | Purger || `GET /purger/delete_tenant_status` |
+| [Get user overrides](#get-user-overrides) | Overrides || `GET /api/v1/user-overrides` |
+| [Set user overrides](#set-user-overrides) | Overrides || `POST /api/v1/user-overrides` |
+| [Delete user overrides](#delete-user-overrides) | Overrides || `DELETE /api/v1/user-overrides` |
 | [Store-gateway ring status](#store-gateway-ring-status) | Store-gateway || `GET /store-gateway/ring` |
 | [Compactor ring status](#compactor-ring-status) | Compactor || `GET /compactor/ring` |
 | [Get rule files](#get-rule-files) | Configs API (deprecated) || `GET /api/prom/configs/rules` |
@@ -888,6 +891,64 @@ Returns status of tenant deletion. Output format to be defined. Experimental.
 
 _Requires [authentication](#authentication)._
 
+## Overrides
+
+The Overrides service provides an API for managing user overrides.
+
+### Get user overrides
+
+```
+GET /api/v1/user-overrides
+```
+
+Get the current overrides for the authenticated tenant. Returns the overrides in JSON format.
+
+_Requires [authentication](#authentication)._
+
+### Set user overrides
+
+```
+POST /api/v1/user-overrides
+```
+
+Set or update overrides for the authenticated tenant. The request body should contain a JSON object with the override values.
+
+_Requires [authentication](#authentication)._
+
+### Delete user overrides
+
+```
+DELETE /api/v1/user-overrides
+```
+
+Delete all overrides for the authenticated tenant. This will revert the tenant to using default values.
+
+_Requires [authentication](#authentication)._
+
+#### Example request body for PUT
+
+```json
+{
+  "ingestion_rate": 50000,
+  "max_global_series_per_user": 1000000,
+  "ruler_max_rules_per_rule_group": 100
+}
+```
+
+#### Supported limits
+
+The following limits can be modified via the API:
+- `max_global_series_per_user`
+- `max_global_series_per_metric`
+- `ingestion_rate`
+- `ingestion_burst_size`
+- `ruler_max_rules_per_rule_group`
+- `ruler_max_rule_groups_per_tenant`
+
+#### Hard limits
+
+Overrides are validated against hard limits defined in the runtime configuration file. If a requested override exceeds the hard limit for the tenant, the request will be rejected with a 400 status code.
+
 ## Store-gateway
 
 ### Store-gateway ring status
 
@@ -33,6 +33,8 @@ Cortex is an actively developed project and we want to encourage the introductio
 
 Currently experimental features are:
 
+- Overrides API
+  - Runtime configuration API for managing tenant limits
 - Ruler
   - Evaluate rules to query frontend instead of ingesters (enabled via `-ruler.frontend-address`).
   - When `-ruler.frontend-address` is specified, the response format can be specified (via `-ruler.query-response-format`).