How rate limits are applied in case of Application user
Hello,
I am working on developing an application using "Box-Node-SDK` and I am using JWT authentication. In my code, I initialize the SDK client by giving user-ids of managed users and am able to access their all files and folder successfully. The account has around 15 users.
Some of the users in account are are having less documents (few 100s) so less API calls are required to get list of all files and folders whereas some are having large volume (100K+) so more API calls are required.
If I run my application for only one user at a time, the application completes the lookup very quickly. But if I start lookup for all all users simultaneously, I am experiencing that application is taking more time to complete.
I am suspecting the API limits and backoff implemented in SDK are causing the delay which is fine but would like to understand how Box treats this requests - per user or per service account?
-
Hello ,
Thanks so much for using our Platform and Development Forum!
Rate limits are implemented on a per-user basis. The two to be concerned about are 10 API calls per second per user and 4 uploads per second per user. If you're running into issues with rate limits we recommend spreading out your API calls across multiple users!
Best,
Kourtney
-
thanks for the reply.
I am sorry to ask this again as I am a bit confused. My understanding is that the API limits mentioned are applicable if user is using OAUTH authentication.
Does this limit holds true in case of Service Account as well which is described here - https://developer.box.com/v2.0/docs/setting-up-a-jwt-app
One more clarification I would need, Will having a app per user help in rather than per enterprise help in getting API limits not impacting other users.
-
No worries -- happy to help!
API limits are independent of the type of authentication you're using. Therefore, yes the Service Account of an Oauth2 JWT application will be held to these limits as well.
To answer your question:
"Will having an app per user help in rather than per enterprise help in getting API limits not impacting other users."
Since the API rate limits are implemented on a per-user basis, this wouldn't really help unless you're spreading out your API calls over multiple users.
Best,
Kourtney
Please sign in to leave a comment.
Comments
3 comments