Added rate limit section to the API docs

Closes #3423
2024-11-24 03:42:32 +01:00 · 2022-05-09 15:12:29 +01:00 · 2022-05-09 15:12:29 +01:00 · 96436839f1
commit 96436839f1
parent b4f29a85ab
2 changed files with 21 additions and 1 deletions
--- a/resources/views/api-docs/index.blade.php
+++ b/resources/views/api-docs/index.blade.php
@ -15,6 +15,7 @@
                        <div class="mb-xs"><a href="#request-format">Request Format</a></div>
                        <div class="mb-xs"><a href="#listing-endpoints">Listing Endpoints</a></div>
                        <div class="mb-xs"><a href="#error-handling">Error Handling</a></div>
+                        <div class="mb-xs"><a href="#rate-limits">Rate Limits</a></div>
                    </div>

                    @foreach($docs as $model => $endpoints)
--- a/resources/views/api-docs/parts/getting-started.blade.php
+++ b/resources/views/api-docs/parts/getting-started.blade.php
@ -160,4 +160,23 @@
 		"message": "No authorization token found on the request"
 	}
 }
-</code></pre>
+</code></pre>
+
+<hr>
+
+<h5 id="rate-limits" class="text-mono mb-m">Rate Limits</h5>
+<p>
+    The API has built-in per-user rate-limiting to prevent potential abuse using the API.
+    By default, this is set to 180 requests per minute but this can be changed by an administrator
+    by setting an "API_REQUESTS_PER_MIN" .env option like so:
+</p>
+
+<pre><code class="language-bash"># The number of API requests that can be made per minute by a single user.
+API_REQUESTS_PER_MIN=180</code></pre>
+
+<p>
+    When the limit is reached you will receive a 429 "Too Many Attempts." error response.
+    It's generally good practice to limit requests made from your API client, where possible, to avoid
+    affecting normal use of the system caused by over-consuming system resources.
+    Keep in mind there may be other rate-limiting factors such as web-server & firewall controls.
+</p>