I’ve noticed that even when using an API key, I run into both the 12 requests per second limit in nginx and the per-user post limits. It makes scripting against Discourse very difficult. Is there a way that this can be disabled for requests that include a valid API key?

Not really, no, since it implies nginx (the thing enforcing the limits) would be able to test the validity of the API key when it is far upstream of all that… [图片] rcfox: It makes scripting against Discourse very difficult Also that’s by design, wouldn’t you say :wink:

So, just spit-balling here: I don’t know very much about configuring nginx, so maybe this isn’t possible. How about a /api/ location that would require HTTP auth using the API key, and then rewrites the URL to the normal URL, and doesn’t have a rate limit? You could perhaps write to the auth confi…

The per-user post rate limits will be disabled if the acting user is an admin. As for requests per second, what kind of scripting are you doing?

Automated posting as users, grabbing a bunch of topics to get stats, migrating data from older systems. Stuff like that.

[图片] rcfox: migrating data from older systems Have you looked at the import scripts? They run as Ruby code, much more suited to one-shot creating a lot of posts. For grabbing stats from a bunch of topics, I suggest either funneling the requests through a queue or grabbing “request tokens” fr…

[图片] riking: The per-user post rate limits will be disabled if the acting user is an admin. This is old, but … it’s pretty relevant. I was looking for the same thing. I’m using the API to report bad players for a game. This shouldn’t be limited. However, our BOT account doesn’t need to access…

You could simply increase the problematic rate limits in the site settings. This isn’t really a problem that has come up in the past - usually, bots that needed to bypass rate limits also were doing something else that required either admin or acting as arbitrary users.

[图片] riking: You could simply increase the problematic rate limits in the site settings. Actually, I did try adding my bot admin to test it – I am still running into rate limitations, every now and then. Do you happen to know anything about this? While debugging, I’m testing once every few mi…

It’s probably the nginx web server rate limits - it has additional short-term request-counted rate limits. The Discourse rate limits are there to protect against bad behavior and generally expire per day. The nginx ratelimits are there to protect against flooding. As you just noticed in your edit, …

How to bypass rate limiter when using an API key?

支持安装

dylanh724 (dh) 2017 年9 月 18 日 16:09 11

Ahh that makes more sense.

I wonder if there’s a way to delay requests instead of just 422 them

话题		回复	浏览量
Rate limits for API users Dev rest-api	14	2919	2024 年3 月 14 日
How to avoid throttling limits with admin API key? Dev rest-api	11	1866	2024 年3 月 12 日
Any way to turn off RateLimiter temporarily for bulk creation by admin? Dev	19	1420	2024 年5 月 29 日
I changed all the rate limits I could find, but still hit a limit somewhere Self-hosting unsupported-install	4	644	2022 年11 月 9 日
500 Errors on Rate Limit When Using the Admin API Via Keys Support	9	2030	2023 年3 月 7 日

How to bypass rate limiter when using an API key?

相关话题