Skip to main content

Rate Limiting

By default, the API has no rate limits configured on access. In order to enable rate-limiting, pass rateLimitConfigto the application on initialization.

The following three parameters are needed for setup:

  1. ipWhitelist: Array of strings. Specifies a list of ip addresses to not rate limit.
  2. max: Number. Specifies the max amount of requests that can be performed within the given time window.
  3. windowMs: Number. Specifies the window of time for limiting in milliseconds.

Setup

createNodeblocksAuthApp({
  rateLimitConfig: {
	  ipWhitelist: ['192.0.2.1', '203.0.113.45'],
	  max: 100,
	  windowMs: 60 * 60 * 1000, // 1 hour
	}
}).startService({
...
});
danger

At present, RateLimit is applied to all endpoints. It is not currently possible to specify individual RateLimits for each endpoint.