Rate limit API endpoints
This article contains a summary of the endpoints you can control using rate-limiting. You can change the rate limits for these endpoints using the THROTTLING_RATES environment variable.
Standard endpoints
Endpoint name |
Description |
Default rate (per user) |
|---|---|---|
|
Anonymous requests not covered by other limits |
1000 per hour |
|
Authenticated requests not covered by other limits |
2000 per hour |
|
Authenticated POST requests |
1000 per hour |
|
Anonymous POST requests |
1000 per day |
|
Authenticated GET requests |
10000 per hour |
|
Anonymous GET requests |
10000 per day |
|
Authenticated GET requests on resource details |
10000 per hour |
|
Anonymous GET requests on resource details |
10000 per day |
|
Authenticated DELETE requests on resource details |
500 per hour |
|
Anonymous DELETE requests on resource details |
1000 per day |
|
Authenticated PATCH and PUT requests on resource details |
1000 per hour |
|
Anonymous PATCH and PUT requests on resource details |
1000 per day |
|
All Subsonic API requests |
2000 per hour |
User action endpoints
Endpoint name |
Description |
Default rate (per user) |
|---|---|---|
|
User login |
30 per hour |
|
User signup |
10 per day |
|
Email address confirmation |
20 per hour |
|
Password change (when authenticated) |
20 per hour |
|
Password reset request |
20 per hour |
|
Password reset confirmation |
20 per hour |
|
Fetch remote objects |
200 per day |
Dangerous endpoints
Endpoint name |
Description |
Default rate (per user) |
|---|---|---|
|
Authenticated report submissions |
100 per day |
|
Anonymous report submissions |
10 per day |
|
Authenticated OAuth app creation |
10 per hour |
|
Anonymous OAuth app creation |
10 per day |
|
OAuth app authorization |
100 per hour |
|
OAuth token creation |
100 per hour |
|
OAuth token deletion |
100 per hour |