Reputation: 1225
How does an API service limit calls without a key?
How does an API service cap the number of calls an application can make if it is not using some sort of key? (Not relevant to all API services, I know).
What tells the API that a specific application has reached its limits? And then based on that, why does it need a key to say that this application does not have a cap on the number of calls it can make, assuming this is how the service works, such as the one with OpenDota API:
Use an API key to remove monthly call limits and to receive higher rate limits.
Totally new to APIs; my question is solely based on curiosity.
Upvotes: 1
Views: 378
Answers (1)
Reputation: 37069
APIs can limit hits based on IP address. When you make calls, API could record the IP the request came from and the date the call was made. When hits exceed the imposed limit, the API can shorten its processing and send back an exceeded-threshold message.
When you provide an API key, API might still record hits to the API by IP but also by API key. In the future if they want to impose limits, data can tell them what limit would be reasonable. When you sign up for an API, the company knows a bit more about you - such as your name and email or whatever information was required to sign up for a key. They can contact you if something wasn't working right, or send you marketing emails, and tell stakeholder how many registered users they have.
If no API key is provided, they don't know whether the requester is a reasonable target market or just hitting APIs for fun or malice.
Upvotes: 1
Related Questions
- Architecture: managing pool of api keys
- How does Google's API key restrictions work for mobile apps?
- API call request limit
- URL-Based API Key Restriction: How does validation works?
- API request limit
- Rate limiting an API with a special exception
- Why do some API providers require an API key?
- How to protect my API service from api-keys piracy
- Limiting API Requests
- How limit API calls?