Rate Limiting
Per-API-key rate limits enforced in src/lib/client-api/rate-limit.ts.
Overview
Each API key has independent buckets. Limits reset on a rolling window per bucket.
Limits by Bucket
| Bucket | Limit | Window | Routes |
|---|---|---|---|
user_read | 60 | 1 minute | GET /users/me |
user_prefs | 30 | 1 minute | PATCH /users/me/preferences |
upload | 50 | 1 hour | POST /files/upload |
list | 100 | 1 hour | GET /files/list, GET /list |
download | 200 | 1 hour | GET/HEAD /files/download/{file_id} |
folder | 100 | 1 hour | POST /create-folder, GET /info/{path} |
file_ops | 100 | 1 hour | PUT /move, POST /copy-folder, POST /duplicate, PUT /privacy, DELETE /{path} |
trash | 50 | 1 hour | GET /trash, POST /trash/restore, POST /trash/empty |
permissions | 100 | 1 hour | POST /permissions/grant, GET/PUT/DELETE /permissions/{id} |
Response Headers
Every successful client API response includes:
X-RateLimit-Limit- max requests in the windowX-RateLimit-Remaining- requests leftX-RateLimit-Reset- Unix timestamp when the window resets
Handling 429
async function apiWithRetry(fn, maxRetries = 3) {
for (let i = 0; i < maxRetries; i++) {
const res = await fn();
if (res.status !== 429) return res;
const retryAfter = Number(res.headers.get("Retry-After") ?? 60);
await new Promise((r) => setTimeout(r, retryAfter * 1000));
}
throw new Error("Rate limit exceeded");
}Was this page helpful?