Rate Limiting / Throttling
You can limit the number of times end users or anyone IP address can make calls using your API keys, directly from the Ipregistry dashboard:
- Open your dashboard.
- Click on "API Keys" in the left menu.
- Click on "Edit" for the key you want to filter origins.
- In the "Throttling / Rate limiting" section, select "Set invocation limit per hour" for the dropdown option.
- Enter the URL prefix of the origins that are allowed:
- Save your changes.
By default, rate limiting/throttling is disabled. In that case, the only limit is your credits balance.
Throttling is based on an adaptation of the leaky bucket algorithm as described by Cloudflare:
The rate limit is reset gradually each hour based on your usage in the last hour and the time elapsed since. This enables protection against traffic spikes.
Once enabled, all requests making use of throttling are returning the following additional HTTP headers in their response:
|Retry-After||Indicates how long the user agent should wait (in seconds) before making a follow-up request.|
|X-Rate-Limit-Limit||Indicates how many look ups your application may make per time window. The time window is currently 1 hour but for the most reliable code, you should not assume this is the case — use the |
|X-Rate-Limit-Remaining||Indicates how many credits (lookups) you have remaining in this window.|
|X-Rate-Limit-Reset||Indicates when the current window ends, in seconds from the current time.|