From 3905574d07bdff6295a597c36d240a34ce591099 Mon Sep 17 00:00:00 2001 From: Anand Chowdhary Date: Tue, 17 Nov 2020 13:58:10 +0530 Subject: [PATCH] :pencil: Add docs for rate limiting --- docs/configuration.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/configuration.md b/docs/configuration.md index 01a67b715..3e4a5806a 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -46,6 +46,25 @@ Alternately, if you want to use AWS SES, you should set these instead (note that To generate an access/secret key pair, you can create an IAM user with the permission `AmazonSESFullAccess`. For more details, read the article [Creating an IAM user in your AWS account](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html#id_users_create_console) on the AWS website. +### Rate limiting + +Staart API has three types of rate limits. When an endpoint is accessed, 1 point is consumed. There are also some endpoints that consume additional points (like logging in or creating an account consumes 10 points). The types of rate limits are: + +1. "Public" for unauthenticated requests (250 points/hour) +2. "Authenticated" for requests with a user access token (5k points/hour) +3. "API key" for (automated) requests using an API key (10k points/hour) + +You can set the rate limits for each of these categories. By default, the rate limit resets after one hour: + +| Environment variable | Description | Default | +| ----------------------------------- | -------------------------------- | ------- | +| `RATE_LIMIT_PUBLIC_POINTS` | Maximum points for public | 250 | +| `RATE_LIMIT_PUBLIC_DURATION` | Reset duration for public | 3600 | +| `RATE_LIMIT_AUTHENTICATED_POINTS` | Maximum points for authenticated | 5000 | +| `RATE_LIMIT_AUTHENTICATED_DURATION` | Reset duration for authenticated | 3600 | +| `RATE_LIMIT_API_KEY_POINTS` | Maximum points for API key | 10000 | +| `RATE_LIMIT_API_KEY_DURATION` | Reset duration for API key | 3600 | + ## Optional services ### ElasticSearch