GitHub Community
Clarity on Secondary Rate Limit scoping #197329
Replies: 2 comments
-
|
Good question. As far as I know, GitHub hasn't publicly documented the exact scoping of secondary rate limits. My understanding is that they're not simply tied to the primary rate limit bucket (user/token/installation). They appear to be based on overall request patterns and abuse-prevention heuristics, which may take into account factors such as concurrency, burst rate, endpoint usage, and possibly shared infrastructure characteristics. So while IP address may be one factor, it doesn't seem to be the only one, and GitHub intentionally keeps the details somewhat opaque to prevent abuse. I'd be interested to hear if anyone from GitHub can clarify how secondary limits are scoped in practice. |
Beta Was this translation helpful? Give feedback.
This comment was marked as low quality.
This comment was marked as low quality.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
🏷️ Discussion Type
Question
💬 Feature/Topic Area
API
Body
Looking at the docs for rate limiting, it's clear to me that primary rate limits are scoped (i.e., per user/token/installation). Are secondary rate limits scoped in the same way? If not, how are they scoped? Perhaps, is it IP-based?
Beta Was this translation helpful? Give feedback.
All reactions