Rate limits for API users


(AstonJ) #1

I want to create a sister app at some point that will post topics on to the forum via an API user account - is there any info available on rate limits for this? Can we ‘trust’ certain accounts so that rate limits do not apply?


(Felix Freiberger) #2

As far as I know, using an API key (generated in the admin interface) bypasses rate limits that are checked within the rails stack, e.g. limits on the number of posts.
It will not bypass the general limit on the number of requests per second enforced by nginx, but most likely, that won’t be a problem :slight_smile:


(Sam Saffron) #3

You can explicitly bypass validations if you are using the API and API key, the limits in general will hold though.


(AstonJ) #4

I’m not too bothered by validations Sam, but by-passing rate limits for specific accounts could be helpful.

Does the response include the specific error code if rate limits have been by-passed? That could be helpful if there’s no chance of including an option to by-pass…


(Sam Saffron) #5

I kind of worry about answering questions about problems that do not exist :blush:

If you hit the limits let me know and let me know what errors you are getting


(AstonJ) #6

I did actually hit the limit previously - we currently have 6 monthly giveaways and every night a cron runs to check whether there is a ‘bonus day’, if there is, it posts an update on the forum. What I was finding was the crons running later weren’t posting. However I’ve since changed the cron jobs to run a minute after each other. (This is fine for this situation.)

I’ll keep you posted re the other app (which will be posting via the API much more frequently) though I don’t expect this to go live for a few months yet.


(Mike) #7

We use discourse via API from a Rails server. Which means all the traffic coming from one IP. We have enough traffic that it hits the rate limiter. I second the need for an API exception to this rate limit.