To ensure the platform remains fast and secure for everyone, we use "rate limits" to manage the volume of requests sent to our servers. Think of this as a speed limit for data that prevents accidental automation loops or malicious activity from slowing down your experience.
1. How Limits Apply to You
We categorize limits based on how you interact with the platform. Normal human browsing is unlikely to ever reach these thresholds.
Personal Access Tokens (PAT)
If you use scripts or custom tools to automate tasks, your PAT has specific limits:
- Validation: You can verify a token up to 30 times per minute.
- Updates: Creating or deleting tokens is limited to 10 times per minute.
OAuth & Sign-In
These limits protect your identity and connected applications:
- Critical Actions: Logging in, registering, or requesting password resets are limited to 20 attempts per minute for recognized users or devices.
- Security Fallback: If you are not logged in, the limit is 40 attempts per minute per IP address to protect against broad attacks.
General Application Usage
- Standard browsing and page clicks are protected by an edge limit of 30 requests per second, which is more than enough for high-speed manual usage.
2. What Happens if You Reach a Limit?
If you exceed these frequencies, the platform will temporarily stop processing your requests and return a "429 Too Many Requests" message.
- The "Retry" Action: For most general tasks, you simply need to wait a few seconds (as indicated in the message) and try again.
- The "Logout" Action: On sensitive pages like Login, hitting a limit may automatically log you out. This is a security measure designed to stop unauthorized systems from "guessing" your credentials.
3. Best Practices for Automation
If you are building custom integrations with your Personal Access Tokens, follow these guidelines to ensure continuous service:
- Use Error Handling: Program your scripts to recognize the "429" error code. If received, the script should "sleep" or pause for the duration requested before retrying.
- Consolidate Requests: Instead of checking for data every second, try increasing the interval to every 30 or 60 seconds.
- Monitor Your Keys: Ensure your PATs are not being shared across too many simultaneous scripts, as they all count toward the same user bucket.
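
An added example (not the platform's own code) of the error-handling and pacing advice above: a small client wrapper that spaces calls to stay under the 30-per-minute validation limit and, on a 429, pauses for the requested duration before retrying. It assumes the wait is sent in the standard HTTP Retry-After header, which this page does not specify; `PacedClient`, `parse_retry_after` and the `send` callable are hypothetical names.

```python
import time
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

def parse_retry_after(value, default=5.0, now=None):
    """Seconds to wait from a Retry-After value: delta-seconds or HTTP-date."""
    if value is None:
        return default
    value = value.strip()
    if value.isdigit():
        return float(value)
    try:
        when = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return default  # unparseable: fall back rather than retry at once
    if when.tzinfo is None:
        when = when.replace(tzinfo=timezone.utc)
    now = now or datetime.now(timezone.utc)
    return max(0.0, (when - now).total_seconds())

class PacedClient:
    """Spaces calls under a per-minute limit and pauses when told 429."""

    def __init__(self, send, per_minute=30, max_retries=3,
                 sleep=time.sleep, clock=time.monotonic):
        self.send = send                      # callable -> (status, headers)
        self.interval = 60.0 / per_minute     # 30/min -> one call per 2 s
        self.max_retries = max_retries
        self.sleep, self.clock = sleep, clock
        self.next_ok = clock()

    def request(self, *args):
        for _ in range(self.max_retries + 1):
            wait = self.next_ok - self.clock()
            if wait > 0:
                self.sleep(wait)
            self.next_ok = self.clock() + self.interval
            status, headers = self.send(*args)
            if status != 429:
                return status
            # Header names are case-insensitive; assumed header: Retry-After.
            hdrs = {k.lower(): v for k, v in headers.items()}
            delay = parse_retry_after(hdrs.get("retry-after"))
            self.next_ok = max(self.next_ok, self.clock() + delay)
        raise RuntimeError("still rate limited after %d tries" % (self.max_retries + 1))

if __name__ == "__main__":
    # Constructed responses standing in for the platform: one 429, then success.
    replies = iter([(429, {"Retry-After": "2"}), (200, {})])
    print(PacedClient(lambda: next(replies)).request())  # sleeps 2 s, prints 200
```

The pacing is per process: scripts sharing one PAT still draw on the same user bucket, so set `per_minute` to each script's share of the limit.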