API rate Limits Flashcards
What is a api rate limit
a way for a web service to control the number of requests a user or application can make per defined unit of time, and implementing them is considered a best practice for public and unrestricted APIs. Rate limiting helps:
avoid a server overload from too many requests at once
provide better service and response time to all users
protect against a denial-of-service (DoS) attack
Describe the leaky bucket algorithm
puts all incoming requests into a request queue in the order in which they were received. The incoming requests can come in at any rate, but the server will process the requests from the queue at a fixed rate. If the request queue is full, the request is rejected.
Describe the token algorithm
The token bucket algorithm gives each user a defined number of tokens they can use within a certain increment of time, and those tokens accumulate until they’re used. When the client does make a request, the server checks the bucket to make sure that it contains at least one token. If so, it removes that token and processes the request. If there isn’t a token available, it rejects the request.
Describe Fixed Window counter
The fixed window counter algorithm is similar to the token bucket, except for two major differences: first, it uses a counter rather than a collection of tokens, and second, the counter cannot be accumulated. For this algorithm, a fixed window of time is assigned a counter to represent how many requests can be processed during that period. When the server receives a request, the counter for the current window of time is checked to make sure it is not zero. When the request is processed, the counter is deducted. If the limit for that window of time is met, all subsequent requests within that window of time will be rejected. When the next window of time begins, the counter will be set back to the pre determined count and requests can be processed again.
Describe the Sliding widow counter
The sliding window counter algorithm allows a fixed number of requests to be made in a set duration of time. This duration of time is not a fixed window and the counter is not replenished when the window begins again. In this algorithm, server stores the timestamp when the request is made. When a new request is made, the server counts how many requests have already been made from the beginning of the window to the current time in order to determine if the request should be processed or rejected. For example, if the rate is five requests per minute, when the server receives a new request, it checks how many requests have been made in the last 60 seconds. If five requests have already been made, then the new request will be rejected.
What is a webhook
an HTTP callback, or an HTTP POST, to a specified URL that notifies your application when a particular activity or “event” has occurred in one of your resources on the platform
What are the steps needed to diagnose status codes returned from an api
Step 1: Check the return code. It can help to output the return code in your script during the development phase.
Step 2: Check the response body. Output the response body during development; most of the time you can find what went wrong in the response message sent along with the status code.
Step 3: If you can’t resolve the issue using the above two steps, use the status code reference to understand the definition of the status code. Let’s look at these codes in more detail so you can understand what they actually mean.
