Rate Limiting / Throttling

You can limit the number of times end users or anyone IP address can make calls using your API keys, directly from the Ipregistry dashboard and per API key:

  1. Open your dashboard.
  2. Click on "API Keys" in the left menu.
  3. Click on "Edit" for the key you want to rate limit.
  4. In the "Throttling / Rate limiting" section, select the "Set invocation limit per hour" dropdown option.
  5. Enter the number of lookups that are allowed per hour:

    Set invocation limit per hour

  6. Save your changes.

By default, rate limiting/throttling is disabled. In that case, the only limit is your credits balance.

Behavior

Throttling is based on an adaptation of the leaky bucket algorithm as described by Cloudflare:
https://blog.cloudflare.com/counting-things-a-lot-of-different-things

The rate limit is reset gradually each hour based on your usage in the last hour and the time elapsed since. This enables protection against traffic spikes.

Headers

Once enabled, all requests making use of throttling are returning the following additional HTTP headers in their response:

NameDescription
Retry-AfterIndicates how long the user agent should wait (in seconds) before making a follow-up request.
X-Rate-Limit-LimitIndicates how many look ups your application may make per time window. The time window is currently 1 hour but for the most reliable code, you should not assume this is the case — use the X-Rate-Limit-Reset header instead.
X-Rate-Limit-RemainingIndicates how many credits (lookups) you have remaining in this window.
X-Rate-Limit-ResetIndicates when the current window ends, in seconds from the current time.