I have an angularjs app that calls a RESTful service at apiary.io
Does apiary.io throttle responses and delay responses after a certain number have been received?
If so what are the parameters?
Currently, Apiary limits you for 120 reqs/minute/IP.
There are no artificial delays, but occasionally someones floods Apiary with production traffic and even when ratelimiting is fairly efficient, it may temporarily degrade service for other users.
You can (and should) check X-Apiary-RateLimit-Limit and X-Apiary-RateLimit-Remaining header. Once you'll hit the limit, Apiary will sent Retry-After header you should obey.
From their docs:
API Call Limit
API calls are subject to the default limit of 15 requests per second and exceeding this limit will result in all endpoints returning an HTTP status code of 429. Limits are per API key. If the limit is exceeding then the API Key will be blocked for the remainder of the sample period. If an API key continually hits the call limit we reserve the right to permanently block the key and to charge a fee to unblock the key.
To determine the API call amount we monitor the traffic over a sample period. If the traffic results in a particular API key reaching 80% of the limit (i.e., 12 if the limit is 15) over the sample period then the responses will start to contain a throttle node which contains useful information on how close you are to reaching the call limit.
Related
I'm currently using an API Gateway to listen for web-hooks, and then the web-hook's payload is then offloaded to a lambda. The problem is that the web-hook's payload size can vary. I'm aware that API Gateway's allows for request of 10 MBs; while, lambdas allow only up to 6 MBs. Due to that, I don't want accept any payloads that exceed 6 MB. So I'm wondering if there's any way to filter out request prior to hitting my lambda that exceed 6MBs or some desired amount?
Also I've look into AWS' WAF, but that seems to only apply to request under 8KB if you use a size constraint statement. I don't think this would work in my case as I can easily see the payloads exceeding that amount.
What is default api rate limit of brain tree?
Because after very requests in a time period I am getting 403(Too many request) exception.
Raised when requests associated with your account reach unsafe levels. We may limit API resources by merchant if activity risks negative impact to other merchants.
https://developers.braintreepayments.com/reference/general/exceptions/node#too-many-requests-error
I have a REST API that is expected to receive a large payload as request body. The API calls a blocking method that takes 2 seconds to process each request and then returns 200 OK. I wish to introduce throttling based on available memory such that the API returns 429 Too Many Request when the available memory falls below a threshold.
When the threshold condition is met, I wish to reject subsequent requests right away, even before loading the large request payloads in my application memory. This will also give me some protection against denial of service attacks.
In a Java EE, Tomcat environment, if I use a Filter to check available memory, I understand the complete request is already loaded in memory. Is it then better to add the check in ServletRequestListener.requestInitialized method so that I can reject the request even before the app receives it?
P.S. I use the below formula to calculate available memory based on this SO post:
long presumableFreeMemory =
Runtime.getRuntime().maxMemory()
- Runtime.getRuntime().totalMemory()
+ Runtime.getRuntime().freeMemory();
We currently use our applications to download some pins information for analytics purposes
Currently we hit the API on hourly basis but we have some problems with rate limiting, so we need the following questions to be addresses:
The documentation states that the rate limit is 1000 calls per hour per user token per endpoint. By looking at the HTTP headers apparently the actual limit is 200. So, which is the correct one?
Are GET /v1/pins/1234 and GET /v1/pins/5678 considered to be a call to the same endpoint?
Are there any application level (so, despite of the used user token) rate-limit in place?
Are there any IP level rate limits?
Since we use concurrent requests, are there any limitation on the number of CONCURRENT request? (which means: make another call from the same IP and using the same token, even if the previous one hasn't ended yet)
Thanks in advance.
PS: I tried to contact them via support form, but it returns a 422. Which is awesome!
For apps that is still in development stage the limit is 200. You will get 1000 if your apps passed the review.
The documentation states that the rate limit is 1000 calls per hour
per user token per endpoint. By looking at the HTTP headers
apparently the actual limit is 200. So, which is the correct one?
Ans: Its 10 per token per app id per hour for app in development(tested), 1000 per token per hour for production app.
Are there any application level (so, despite of the used user token)
rate-limit in place?
Ans: No, rate limit will be 10(app in development) or 1000(approved app)/hour for each tokens you have
Are there any IP level rate limits?
Ans: No
Since we use concurrent requests, are there any limitation on the number of CONCURRENT request? (which means: make another call from the same IP and using the same token, even if the previous one hasn't ended yet)
Ans: No there is no such limit but they will probably check for bot activity and you may end up with banned account, so please do maintain some delay in between requests for same token IMO 12 seconds should be enough
We used Live stream API to create live broadcast events, but it hit userRequestsExceedRateLimit when create live broadcast (POST /liveBroadcasts/insert). And Docs didn't specify any exactly rate limit number. Can help us to find max rate limit ,5 requests/sec or 8 requests/sec?
Here is error message (request rate 10/sec)
{
code:403,
errors:[{
domain:"youtube.liveBroadcast",
reason:"userRequestsExceedRateLimit",
message:"User requests exceed the rate limit."
}]
}
The official docs on rateLimitExceeded say:
The request was sent too quickly after the previous request. This error occurs when API requests to retrieve messages are being sent more frequently than YouTube's refresh rates, which unnecessarily wastes bandwidth and quota.
Every request to the YouTube API has a cost and rate limit, all of which add towards your quota. You can use a tool such as the YouTube Bulk Reports API to track your requests to see which ones in particular are causing you to go over your quota. All Live Streaming API calls (write operations) cost about 50 units. You can check the quota available to your application in the Developers Console.
In the Developers Console under YouTube Data API v3, make sure your "Per-user limit" under "Quotas" is set to the maximum value of 3,000 requests/second/user. If you're going over that, you will need to contact Google to increase your quota.