Welcome to the new Box Support website. Check out all the details here on what’s changed.

Box Status

How rate limits are applied in case of Application user

Follow
New post
arpna

Hello,

 

I am working on developing an application using "Box-Node-SDK` and I am using JWT authentication. In my code, I initialize the SDK client by giving user-ids of managed users and am able to access their all files and folder successfully. The account has around 15 users.

 

Some of the users in account are are having less documents (few 100s) so less API calls are required to get list of all files and folders whereas some are having large volume (100K+) so more API calls are required.

 

If I run my application for only one user at a time, the application completes the lookup very quickly. But if I start lookup for all all users simultaneously, I am experiencing that application is taking more time to complete.

 

I am suspecting the API limits and backoff implemented in SDK are causing the delay which is fine but would like to understand how Box treats this requests - per user or per service account?

0

Comments

3 comments

Date Votes
  • Kourtney

    Hello , 

     

    Thanks so much for using our Platform and Development Forum! 

     

    Rate limits are implemented on a per-user basis. The two to be concerned about are 10 API calls per second per user and 4 uploads per second per user. If you're running into issues with rate limits we recommend spreading out your API calls across multiple users! 

     

    Best, 

    Kourtney 

    0
    Comment actions Permalink
  • arpna

    thanks for the reply.

     

    I am sorry to ask this again as I am a bit confused. My understanding is that the API limits mentioned are applicable if user is using OAUTH authentication.

     

    Does this limit holds true in case of Service Account as well which is described here - https://developer.box.com/v2.0/docs/setting-up-a-jwt-app

     

    One more clarification I would need, Will having a app per user help in rather than per enterprise help in getting API limits not impacting other users.

    0
    Comment actions Permalink
  • Kourtney

     

    No worries -- happy to help! 

     

    API limits are independent of the type of authentication you're using. Therefore, yes the Service Account of an Oauth2 JWT application will be held to these limits as well. 

     

    To answer your question: 

    "Will having an app per user help in rather than per enterprise help in getting API limits not impacting other users." 

     

    Since the API rate limits are implemented on a per-user basis, this wouldn't really help unless you're spreading out your API calls over multiple users. 

     

    Best, 

    Kourtney

     

     

    0
    Comment actions Permalink

Please sign in to leave a comment.