How many times can you call the github public api? - api

I am trying to build an application that will call the following public api:
https://api.github.com/repos/timothyylim/moscow-road/issues
thousands of times a day, is this possible?
I've tried reading through the documentation:
https://developer.github.com/v3/#increasing-the-unauthenticated-rate-limit-for-oauth-applications
But I've tested it on my browser and I can definitely call refresh the page with that url more than 60 times that is apparently the limit.
Thank you in advance.

From the GitHub Developer Documentation.
For requests using Basic Authentication or OAuth, you can make up to
5,000 requests per hour. For unauthenticated requests, the rate limit
allows you to make up to 60 requests per hour. Unauthenticated
requests are associated with your IP address, and not the user making
requests. Note that the Search API has custom rate limit rules.

Related

Increase the limit of 20 instagram api request

I have a php script to follow the followers of famous person, this script uses instagram api to do this.
When the script runs, it follows few persons of the overall list of users. How can I increase the "20" limit of this request ?
Any idea ?
Instagram just changed their limits, I have a website: http://instapromobiz.com that can follow/unfollow 60 users an hour.
You must first disable implicit (client side) authentication and then enforce signed headers in your client manager. Then when making a request sign your headers. See here:
http://instagram.com/developer/restrict-api-requests/

How webpages like Statigram doesn't exceed Instagram API rate limits

Well, pretty much what it says on the tin.
I'm really curious about how pages like Statigram do their search functionality without users authentication and not exceeding the limits?
If I'm correct, Instagram API allows 5000 calls per hour, so I believe it's very likely that they indeed have more traffic than 5000 requests per hour.
Maybe It's a dumb question and Statigram has a special deal with Instagram to use their API or maybe they don't use the API and they use some other method?
The only special request you have to send to Instagram is the request to post comments.
The API limit is 5000 requests per hour per access_token or client_id. Every user has their own access_token, so as long as the requests from the third party application uses each individual access token, they will be hard pressed to exceed 5000 per user per hour.
That works out to 83 requests per minute and any user interacting with your application is highly unlikely to hit that.
From the docs:
You are limited to 5000 requests per hour per access_token or client_id overall. Practically, this means you should (when possible) authenticate users so that limits are well outside the reach of a given user.
If you are not using user authentication, you will likely hit the limit with just your client_id.
Most likely they're using one of the following methods:
An arrangement with Instagram
Credential rotation
IP rotation
Heavy caching (especially across credentials or IPs)
Screenscraping
In cases like this, if you don't have a special arrangement, you're almost certainly violating the terms of service. If you think your service is useful enough that Instagram would be willing to whitelist you to make more requests, get in touch with them.
They must have some sort of arrangement with Instagram as #RunscopeAPITools mentions. You are able to post comments to Instagram from Statigram, which requires special permission.

Is the Twitter Search API affected by the recent Twitter API changes?

I've been building an app which allows the user to search through recent (i.e. 6-9 days worth) public tweets on Twitter using the Twitter Search API.
Currently, the site is entirely public - that is, users do not need to sign in to Twitter (or even be Twitter users at all) to use my app.
However, the upcoming changes to the Twitter API have left me confused, particularly the fact it would appear that every request to Twitter's API will need to be authenticated.
My limited understanding of how Twitter's API works is that I need to authenticate my app using OAUTH, which in turn means that, if I want to continue accessing the Twitter Search API, users will need to sign in to my site before they can use the functionality related to the Search API - hence, only Twitter users will be able to use that section of my app.
Am I understanding this correctly, or is the Twitter Search API exempt from the changes? If I authenticate my app, does this mean the rate at which users can search Twitter status updates through my app is increased (or any other advantages over having non-authenticated apps)? Note that I am currently implementing a caching feature to cache related searches.
Thanks!
The changes to the Twitter API would affect your application depending on how your application works. These are the changes that you should be aware of:
All requests used to be anonymous. Now, all requests must be authenticated via OAuth.
With the old rate limits, according to my tests, you where able to make about one request per second per IP address. Now you can make 180 requests per 15 minute block per authenticated user (1 request every 5 seconds on average).
Not related, but still worth mentioning, the data that the new API returns is more similar to the data that the Streaming API returns. It's much more complete.
So, according to these changes, if your application uses some kind of a bot which polls the Search API, stores the results into a database, and then your users search within these stored results; you will have to implement OAuth with your own access token, which you can get by creating an application at dev.twitter.com.
But, if your application connects to the Search API every time that your users interact with it, and you think that you will have to make more than one request every 5 seconds on average, then you will have to ask your users to authenticate in order to get their access tokens for your requests.

How to use API key with Yahoo's YQL?

I'm using this YQL command to access stock quote information in an XML format. The problem is it keeps timing out and rejecting after a bunch of hits. I think I need to plug in my API key so it doesn't think it's bots.
I'm using SharePoint to process the XML.
http://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20yahoo.finance.quotes%20where%20symbol%20in%20(%22AAPL%22)&env=store://datatables.org/alltableswithkeys
This is what it says for limits.
Per application limit (identified by your Access Key): 100,000 calls per day.
Per IP limits: /v1/public/: 1,000 calls per hour; /v1/yql/: 10,000 calls per hour.
I'm trying to get that per application limit of 100,000 calls per day. Or I guess that 10,000 calls per hour is also good. Any suggestions? Thanks for any help.
You need to use OAuth and go through the complicated procedure of exchanging tokens. Once you have an access_token and a token_secret, you can use them to make authenticated requests until they expire.
The full workflow is summarized here.
You'll need to go through the step-by-step procedure outlined in the link above, but essentially what you'll be doing is:
Get a request_token from here.
Redirect user to a Yahoo authorization page.
Retrieve the oauth_verifier that comes in the query string when the user is redirected back to your page.
Exchange the request_token and oauth_verifier for an access_token and token_secret.
You can then use the access_token and token_secret to make authenticated requests.
Since you're using .Net, you can make your life easier by using this sample code posted here.
hope you have used Yahoo.inc to get your access token
so just use
$session = YahooSession::requireSession(CONSUMER_KEY,CONSUMER_SECRET, APP_ID);
$mails=$session->query('your query limit 10');
after feting access

Twitter API Limit

I have heard that Twitter limits the number of API calls a third party app can make per hour. I believe the limit is around 100. My question is, does that limit apply per user, or is it 100 calls per app? 100 for the entire application seems very low, but I wanted to make sure and I couldn't find my answer in the documentation I was reading. Thanks.
https://dev.twitter.com/docs/rate-limiting
The default rate limit for calls to
the REST API is 150 requests per hour.
The REST API does account- and
IP-based rate limiting. Authenticated
API calls are charged to the
authenticating user's limit while
unauthenticated API calls are deducted
from the calling IP address'
allotment.
The limit as of Oct. 8, 2009 is 150 requests per hour per ip/account. Sending tweets doesn't go against that limit.
However, you can get your ip(s) and account whitelisted, which gets you up to 20,000 requests per hour per ip/account. To do that, go to: http://twitter.com/help/request_whitelisting
Note: You MUST be in production to be whitelisted.
For those of us in beta (myself included) all is not lost as Twitter has an API to check how many requests/hour you have left for that ip/account (the api is called rate_limit_status).
(Sorry, I'd post more link but Stackoverflow won't let me...)
http://apiwiki.twitter.com/Rate-limiting contains lots of information, including this;
"The default rate limit for calls to the REST API is 150 requests per hour. The REST API does account- and IP-based rate limiting. Authenticated API calls are charged to the authenticating user's limit while unauthenticated API calls are deducted from the calling IP address' allotment."
The rates are significantly lower than what they used to be. There is no more white listing, and most API calls are now 15 per 15 minutes. In addition there is a cap of calls per hour at 100, and an additional ceiling for things like direct messages; they are also limited to 1000 per 24 hours.
It is 100 calls per IP or per user. and the Limit was recently increased to either 125 or 150.
If you have a Twitter Application that comes from a single IP, like a web application, you can get your IP/Account Whitelisted, allow for 10,000 calls per hour.
It's 100 calls per user, not per application.
link text
It's most likely 100 calls per IP per hour. I doubt there's a reliable way for them to track which application is making the request.