question

Mark Brassington avatar image
Mark Brassington asked

How are playfab api endpoints rate limited

I am creating an api for game data access and processing and I will need to authenticate the playfab session ticket in api calls. I've searched around and found:

"Calling Client API endpoints from a script or other server won't work, as the Client API has a relatively low rate limit, which is currently enforced by IP Address"

suggests that we can use session tickets for auth in an api. does this mean that:

POST https://titleId.playfabapi.com/Server/AuthenticateSessionTicket

isn't rate limited? but that the client PlayFabClientAPI.whatever() is?

I'm concerned that if I'm using a server api for game data and processing, then all the auth requests would be coming from the one ip (the api) and therefore rate limited out.

if this is the case then what is the official solution for this?

also, is there a page which shows what the rate limits are? is it by account tier?

limitsAuthentication
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Neils Shi avatar image
Neils Shi answered

The post : “https://community.playfab.com/questions/53320/integrating-playfab-authentication-with-aspnet-cor.html ” you mentioned does not mean AuthenticateSessionTicket has no request limit (the API Server/AuthenticateSessionTicket’s current limit is 10,000 requests per 10 seconds). The post means since the session ticket will last around 24 hours, so you can cache the session ticket in your server to reduce the AuthenticateSessionTicket API calls. The limit of the Server API is much higher than Client APIs, and most of the server APIs request limits are based on the entity instead of ip. Currently, there is no public documentation to view rate limits.

2 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Mark Brassington avatar image Mark Brassington commented ·

Thanks for answering this, it's made things much clearer.

Since the entity in this case is the Title, does this mean that the 10,000 requests would be across the Title?

0 Likes 0 ·
Neils Shi avatar image Neils Shi Mark Brassington commented ·

This limit applies to all AuthenticateSessionTicket requests in a title and different titles will have their own limits.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.