Ohh. Then one user can make 150 authorized calls via consumer and deny service to others :(
On Thu, Jul 23, 2009 at 1:36 PM, Hwee-Boon Yar <hweeb...@gmail.com> wrote: > > It's working like you want it to be. > > In other words, you have a web app running on a single server with a > single IP. You make authenticated requests using each user's account. > If your IP is whitelisted, the calls go towards your 20k limit, if it > is not whitelisted, it goes against the current 150 limit for the > respective accounts. That's what it means by "IP whitelisting takes > precedence to account rate limits". > > -- > Hwee-Boon > > On Jul 23, 3:02 pm, srikanth reddy <srikanth.yara...@gmail.com> wrote: > > On Thu, Jul 23, 2009 at 12:07 PM, Abraham Williams <4bra...@gmail.com > >wrote: > > > > << > > Each user and each IP has 150 calls/hour. If five applications (desktop > or > > web) are making calls on behalf of a single user or IP they count against > > the same 150. Rate limiting has no connection to applications. > > > > > > > > Agreed. i have no issues with desktop apps as each user owns one (in > which > > case ip/user does not matter and am pretty happy with 150 limit). > > > > But i am trying to understand this ip limit for web apps > > > > The whole confusion is regarding this statement inhttp:// > apiwiki.twitter.com/Rate-limiting > > > > "IP whitelisting takes precedence to account rate limits. *GET requests > from > > a whitelisted IP address made on a user's behalf will be deducted from > the > > whitelisted IP's limit, not the users*. Therefore, IP-based whitelisting > is > > a best practice for applications that request many users' data" > > > > If the above holds true my consumer web app could end up serving very few > > authenticated users. As you said it should be the other way. > > May be some one who has developed and encountered this problem with a > webapp > > (with out being whitelisted) can confirm. > > > > Thanks > > Srikanth > > > > > > > > > > > > > On Wed, Jul 22, 2009 at 15:06, srikanth reddy < > srikanth.yara...@gmail.com>wrote: > > > > >> @Abraham: Does it mean my consumer app (not Desktop client) cannot > serve > > >> more than 150 authorized users/hour(if it is not white listed). It is > hard > > >> to believe. > > >> If it is desktop client the 150 limit is understandable. > > > > > Each user and each IP has 150 calls/hour. If five applications (desktop > or > > > web) are making calls on behalf of a single user or IP they count > against > > > the same 150. Rate limiting has no connection to applications. > > > > >> The blog post says > > > > >> "This limit applies to your Twitter account rather than the > applications > > >> which make the calls to the API i.e. you have 100 API calls per hour > in > > >> total regardless of which Twitter applications you use - it is NOT 100 > API > > >> calls per application" > > > > >> As you said > > > > >> "Also it used to be that user requests from a whitelisted IP would > > >> reflect on the users limit unless they had hit their rate limit at > which > > >> point it would count against the IP." > > > > >> its probably first user and then IP. > > > > > Yes. User then IP. > > > > >> " POST request have their own limits" > > >> yes i do not mean infinite calls but my consumer app should be able to > get > > >> more than 20k request tokens > > > > >> Thanks for your time. Really helpful > > >> Srikanth > > > > >> On Wed, Jul 22, 2009 at 7:41 PM, Abraham Williams <4bra...@gmail.com > >wrote: > > > > >>> In your first email you said "When I check an oAuth'd user's rate > limit, > > >>> he also seems gets 20000 API hits." so I'm not sure what you are > seeing. > > >>> Also it used to be that user requests from a whitelisted IP would > reflect > > >>> on the users limit unless they had hit their rate limit at which > point it > > >>> would count against the IP. I'm not sure if it still works this way > though. > > >>> Abraham > > > > >>> On Wed, Jul 22, 2009 at 08:43, sjespers <se...@webkitchen.be> wrote: > > > > >>>> @Abraham: If that were true then calling rate_limit_status should > give > > >>>> the same result... which it doesn't! > > > > >>>> On Jul 22, 3:26 pm, Abraham Williams <4bra...@gmail.com> wrote: > > >>>> > I recommend that you both read: > > >>>>http://apiwiki.twitter.com/Rate-limiting > > > > >>>> > Serge: If you have an IP that is white listed all applicable calls > > >>>> from that > > >>>> > IP will count against the 20000 limit. > > > > >>>> > Srikanth: That blog post says that twitter.com has no limit. It > says > > >>>> nothing > > >>>> > about anybody else not having a limit. The 20k is for GET requests > > >>>> however > > >>>> > POST request have their own limits. > > > > >>>> > Abraham > > > > >>>> > On Wed, Jul 22, 2009 at 03:07, srikanth reddy < > > >>>> srikanth.yara...@gmail.com>wrote: > > > > >>>> > > Hi > > >>>> > > I am also looking for this. The following post says there is no > > >>>> limit on > > >>>> > > calls from application > > > > >>>> > >http://tweetdeck.posterous.com/what-does-rate-limit-exceeded > > > > >>>> > > Rate limit is applicable on Get methods from ip/client. > > >>>> > > Can someone confirm if one can make unlimited calls (from an > app) to > > >>>> get > > >>>> > > request token? What is this 20000 limit? Is it for GET calls for > > >>>> authorized > > >>>> > > client/ip > > > > >>>> > > Regards > > >>>> > > Srikanth > > > > >>>> > > On Wed, Jul 22, 2009 at 1:24 PM, sjespers <se...@webkitchen.be> > > >>>> wrote: > > > > >>>> > >> Hi there, > > > > >>>> > >> I am a little bit confused by the API limits. > > > > >>>> > >> The server for my application is whitelisted. So it's limit is > > >>>> 20000 > > >>>> > >> API hits. > > >>>> > >> I use oAuth to authorize Twitter users. > > >>>> > >> When I check an oAuth'd user's rate limit, he also seems gets > 20000 > > >>>> > >> API hits. Is that true? > > > > >>>> > >> Also, when I call the Twitter API using the user's oAuth > > >>>> credentials, > > >>>> > >> which API limit gets that hit? The user's? Or the server's? > > > > >>>> > >> Thanks, > > >>>> > >> Serge > > > > >>>> > -- > > >>>> > Abraham Williams | Community Evangelist |http://web608.org > > >>>> > Hacker |http://abrah.am|http://twitter.com/abraham > > >>>> > Project |http://fireeagle.labs.poseurtech.com > > >>>> > This email is: [ ] blogable [x] ask first [ ] private. > > >>>> > Sent from Madison, WI, United States > > > > >>> -- > > >>> Abraham Williams | Community Evangelist |http://web608.org > > >>> Hacker |http://abrah.am|http://twitter.com/abraham > > >>> Project |http://fireeagle.labs.poseurtech.com > > >>> This email is: [ ] blogable [x] ask first [ ] private. > > >>> Sent from Madison, WI, United States > > > > > -- > > > Abraham Williams | Community Evangelist |http://web608.org > > > Hacker |http://abrah.am|http://twitter.com/abraham > > > Project |http://fireeagle.labs.poseurtech.com > > > This email is: [ ] blogable [x] ask first [ ] private. > > > Sent from Madison, WI, United States >
