Rate limits

Rate-limiting is applied to all accesses to NERD, both via web interface and API. By default, each user can make one query per second (short bursts of faster queries are allowed, see below). When the rate-limit is exceeded, error 429 Too many requests is returned.

Rate-limiting is applied per user (or source IP address if no user is logged in). Accesses via web interface and API are counted together. It is possible to configure a different limit for a specific user if needed -- contact admins if you need to query NERD more often.

The rate-limiting is implemented by token bucket algorithm. By default, each user has a bucket which can hold up to 60 tokens. Tokens are added at the rate of 1 token per second. Most of the web and API queries cost 1 token (some special queries may cost more). When there's no token left in the bucket, the qeury fails with the 429 error code. Therefore, the first 60 queries can be done immediately, then the bucket gets empty and the user needs to wait for at least one second until a new token is added.

In the future (planned, but not implemented yet), responses will be artificially delayed to allow only the given number of requests per second without returning errors. This will work only when sending queries sequentially. When multiple queries are sent in parallel, those that exceed the rate-limit will still return the error code.