Rate Limiting / Throttling
You can limit the number of times end users or anyone IP address can make calls using your API keys, directly from the Ipregistry dashboard and per API key:
- Open your dashboard.
- Click on "API Keys" in the left menu.
- Click on "Edit" for the key you want to rate limit.
- In the "Throttling / Rate limiting" section, select the "Set invocation limit per hour" dropdown option.
- Enter the number of lookups that are allowed per hour:
- Save your changes.
Rate limiting or throttling is NOT enabled by default. Your only constraint is the balance of credits available on your account.
Behavior
The rate limit is reset gradually each hour based on your usage in the last hour and the time elapsed since. This enables protection against traffic spikes.
Throttling is based on an adaptation of the leaky bucket algorithm as described by Cloudflare:
https://blog.cloudflare.com/counting-things-a-lot-of-different-things
Headers
Once enabled, all requests making use of throttling are returning the following additional HTTP headers in their response:
| Name | Description |
|---|---|
| Retry-After | Indicates how long the user agent should wait (in seconds) before making a follow-up request. |
| X-Rate-Limit-Limit | Indicates how many look ups your application may make per time window. The time window is currently 1 hour but for the most reliable code, you should not assume this is the case — use the X-Rate-Limit-Reset header instead. |
| X-Rate-Limit-Remaining | Indicates how many credits (lookups) you have remaining in this window. |
| X-Rate-Limit-Reset | Indicates when the current window ends, in seconds from the current time. |