CODEWITHSUNDEEP
node.jsgoogle-apigoogle-plusgoogle-oauth
sujithkrishnan
sujithkrishnan

Reputation: 71

Google+ API rate limit for OAuth based authentication for multiple users

Is there any API rate limit for OAuth based G+ authentication.

Scenario

Consider 1000+ people are hitting my code to authenticate their G+ account at same time.

I'm using googleapis nodejs module for authentication

var google = require('googleapis');
var OAuth2 = google.auth.OAuth2;
var plus = google.plus('v1'); 
var oauth2Client = new OAuth2(appId, appSecret, callbackURL);
    var scopes = [
                  'https://www.googleapis.com/auth/plus.me',
                  'https://www.googleapis.com/auth/userinfo.email'
                  ];
    var url = oauth2Client.generateAuthUrl({
        access_type: 'offline', // 'online' (default) or 'offline' (gets refresh_token) 
        scope: scopes // If you only need one scope you can pass it as string 
    });


    oauth2Client.getToken(googleCode, function(err, tokens) {
        if(!err) {
            oauth2Client.setCredentials(tokens);
            logger.debug(":: G+ access token ::" + JSON.stringify(tokens));
            var accessTokenJsonObj = JSON.stringify(tokens);
            oauth2Client.setCredentials({
                access_token: tokens.access_token,
                refresh_token: tokens.refresh_token
            });
            plus.people.get({ userId: 'me', auth: oauth2Client }, function(err, response) {
                // handle err and response 
                if(!err) {
                }
            }
     }

By looking google documentation I got below details.

Per user limit : 5 requests/second/user

Is there any API rate limit per day basis to OAuth based authentication for multiple users

Thanks

Upvotes: 0

Views: 576

Answers (2)

breno
breno

Reputation: 3296

Also, if you're using exchanging refresh_tokens, the authorization code response includes an id_token that encodes the user_id.

So you may avoid having to call the people.get API on every sign-in -- though you may want to do so to preserve the user's profile up to date.

See https://developers.google.com/identity/protocols/OpenIDConnect?hl=EN#obtainuserinfo for more info

Upvotes: 0

Scarygami
Scarygami

Reputation: 15569

The authentication itself doesn't have an limit (to my knowledge), the calls to the Google+ API are limited though.

The plus.people.get calls use your Sign-in Quota which allows 20,000,000 requests per day by default, total for all your users, so if you are not doing any other calls to the Google+ API you can handle 20,000,000 sign-ins per day.

You can check your quota in the Google Developers Console by choosing your project > APIs & Auth > APIs > Enabled APIs > Google+ API > Quotas.

You can also request more quota from that page if necessary.

Upvotes: 3

Related Questions