Rate limiting is used to protect services from excessive use and thereby maintain availability. Rate limiting on both the client side and the server side is critical for maximizing throughput and minimizing latency.To ensure all of our programs and their end users can reliably use the Solid APIs and other services, we rate-limit access to those services to ensure no program, its end users, or malicious hackers abuse access. When a program’s traffic exceeds their allocated rate limit, an HTTP 429 status code (Too Many Requests) is returned.
Solid’s cloud infrastructure limits all incoming traffic, including a Program’s incoming Solid API HTTP traffic, on a per-client-IP-address basis, to 1000 HTTP requests per rolling 5-minute window.
What happens if your program exceeds the rate limits?
When you hit the rate limits, your application will receive a 429 response, and you may try the request again when the traffic is reduced, but the best practice is to throttle your client side traffic before hitting the rate limits in the first place. Please see this article on Client side strategies.We may reduce limits to prevent abuse, or increase limits to enable high-traffic FinTech apps. Note that a client IP whose traffic persistently exceeds this limit by a large margin may be throttled even further.If you need a different limit (lower or higher), please create a help desk ticket with the reason for the change, and we will review the request.