Skip to main content

Is the API Rate Limit tied to an API Key? Or to an APP ID? Or a combination of both?



I have developed several websites that pull and/or sync data with Airtable, and while none of them individually will generate more than 5 requests per second, I’m now concerned that (since they’re all using the same API Key) they will collectively generate more than 5 requests per second.



However, if the Rate Limit is tied to the API Key and APP ID, I have nothing to worry about as each application is built using a different Airtable Base.



Please advise! Thanks!



I would be interested in the official line too. I always figured it’s per API key…


I would be interested in the official line too. I always figured it’s per API key…


Here’s the response I got:





Right now rate limiting is done by API key and source IP address. We have plans to change it to API key and base ID in the future.




How many requests per seconds has the plus and pro account?


How many requests per seconds has the plus and pro account?


AFAIK they’re all identical. Only the Enterprise version has custom limits.




Here’s the response I got:





Right now rate limiting is done by API key and source IP address. We have plans to change it to API key and base ID in the future.




It mean currently an User IP can request API 5 times/second, isn’t it?


Thank you!


It mean currently an User IP can request API 5 times/second, isn’t it?


Thank you!


You are correct sir.


You are correct sir.


Does it mean that in case of having 5 parallel calls to Airtable each executed in 200ms I then need to wait for 800ms to start requesting AirTable again?


Does it mean that in case of having 5 parallel calls to Airtable each executed in 200ms I then need to wait for 800ms to start requesting AirTable again?


You can do 5 calls in one second. Not 5 in 800ms. 🙂



But you’ll get an error back when you’re too quick…


You can do 5 calls in one second. Not 5 in 800ms. 🙂



But you’ll get an error back when you’re too quick…


I meant does it matter if I’ll have those 5 calls evenly distributed over the second or I do all of them together?


I meant does it matter if I’ll have those 5 calls evenly distributed over the second or I do all of them together?


I’m not sure how they calculate it, but I’ve fired bursts of calls (like you) before without running into problems…


From my testing, it looks as though 429 Rate Limiting currently occurs on a per-IP Address basis only, regardless of API Key used or Base queried.



For example, you could use 5 API keys, each querying a different base, and still get 429 Rate Limited because all the requests are coming from one IP Address.


Here’s the response I got:





Right now rate limiting is done by API key and source IP address. We have plans to change it to API key and base ID in the future.




@airtable_team do you know if this has been changed to “API key and base ID” yet? Thanks!


is this limitation still on Airtable ??


Here’s the response I got:





Right now rate limiting is done by API key and source IP address. We have plans to change it to API key and base ID in the future.




So, for example, if more than 100 people with different IPs access and record in one base from their cell phones, is there no problem?


So, for example, if more than 100 people with different IPs access and record in one base from their cell phones, is there no problem?




Typically all their requests would go through the same server with the same API key.



To have all those different IP addresses, the code would have to run on the client, which would mean exposing the API key, which is a se unity risk. Or it would mean that users would have to provide their API keys, which has problems of its own.


Reply