Need help understanding rate limit

[Mark Kendall]

I am doing GET and PUT requests using an API key that supposedly is limited to 10 requests/min. Results fall short:

Request: 1 Time: 1s Code: 200
Request: 2 Time: 1s Code: 200
Request: 3 Time: 5s Code: 200
Request: 4 Time: 9s Code: 200
Request: 5 Time: 13s Code: 200
Request: 6 Time: 17s Code: 429
Start dump...

object(SimpleXMLElement)[8]
  public 'httpCode' => string '429' (length=3)
  public 'httpMessage' => string 'Too Many Requests' (length=17)
  public 'message' => string 'Rate Limit Exceeded: Please decrease your request volume. To eliminate this message, keep your request rate below 0.5 requests per second. Clients that continue to receive this response may have their traffic throttled.' (length=219)
  public 'errorClass' => string 'RateLimitedException' (length=20)

That's only 6 requests in 17 seconds. Originally I was making unmetered requests and delaying for 60 seconds upon receiving a 429 response, but that approach only yielded 2-3 requests per minute, so I added a 3 sec delay between requests. Adding a 6 sec. delay only gets 7 requests in 50sec.

First, what is the best strategy for eeking out our full 10 request/min allowance?

Second, what do I need to do to increase our allowance? 10/min is not practical for writing more than a few dozen records, and we need to do some bulk database maintenance. There are OAuth keys on our account that I cannot access and have no idea what they are used for that are limited to 400/min and 1000/min. If we never use those volumes, can they be allocated to the API key that we do use? Or can we get higher limit by using OAuth instead of our current API key?

Thanks,

Mark Kendall
In White LLC

[Michael Carey]

Hi Mark,

We are no longer using a hard coded rate limit of 10 requests per minute, although it is still listed as such in under Settings > Client API Access. I've requested that this gets removed to avoid confusion. 

We are now making use of a leaky-bucket algorithm to control rate limiting. Writes are considered to be 10 units and reads are considered to be 1 unit. Currently during daytime periods (from 12:00PM to 6:00PM EST) the bucket size is 30 with a drip rate of 0.5 units per second. This increases to a bucket size of 60 and drip rate of 1 unit per second from 6:00PM to 9:00PM EST, and a bucket size of 180 and drip rate of 3 from 9:00PM to 9:00AM EST. From 9:00AM to 12:00PM EST the bucket size is 60 with a drip rate of 1. 

To give you an example, during daytime hours you would be able to perform 3 writes back to Lightspeed per minute, or 30 reads from Lightspeed each minute, or a combination of the two (ie. 1 write and 20 reads). During overnight periods, you could perform 18 writes or 180 reads per minute, or a combination of the two (ie. 8 writes and 100 reads). 

We have also begun returning the current bucket size and the level of the bucket in the response header. I recommend that you make use of these returned values to control your request rate. Here's an example of the response header: X-LS-API-Bucket-Level: 1/30

If your integration is being rate limited, you will see an error 429 returned. You must be prepared to slow the rate at which requests are being sent if you receive a 429 response. 

The existing OAuth tokens that you see in your account are for Advanced Reporting and the Customer Facing Display. These have higher rate limits because they were developed internally by Lightspeed. Third-party integrations are limited to the rates specified above. 

Thanks,

Mike

[Jeff]

Mark,

It would be really helpful if these limits were publicly documented instead of buried in an email thread somewhere...

~Jeff