HTTP API Limits


In an ideal world, a platform such as GroveStreams would not have to apply rate limits. Unfortunately, mistakes are made or malicious attacks occur and GroveStreams needs to prevent these situations from impacting users.

Default Rate Limits
  • Unauthenticated calls are permitted 150 requests per hour. Unauthenticated calls are measured against the public facing IP of the device making the request.
  • Authenticated calls (calls with session or api_key tokens) are permitted 350 requests per hour and are measured against the public facing IP of the device making the request. Some calls have no limits - see below.

Stream feed GET requests have no rate limit.

Stream feed PUT requests have a 10 second rate limit per authenticated public facing IP address. The feed PUT rate limit algorithm is a little forgiving as it actually checks for more than 12 calls within a two minute period. GroveStreams allows for batching many device feeds into a single call to work around this limit. You may encounter the 10 second limit if there is more than one gateway uploading feeds behind a public facing IP address such as a home/business Internet router or a cloud service such as SmartThings, Electric Imp, or Amazon SES. Sometimes batching will not resolve these scenarios. The X-Forwarded-For HTTP header parameter may be included as part of each gateway's PUT call as a work-around. Set X-Forwarded-For to a value that is unique for each gateway such as the gateway's IP address, its serial number, or a hard-coded UUID. GroveStreams will append the X-Forwarded-For value to the outward facing IP address during the feed PUT rate limit check when it is included. See the GroveStreams Arduino or Python examples for X-Forwarded-For usage.

Request Body Size Limits
200 MBs

Feed Limits
The number of feed samples are determined by the request time range, the request cycle(s) and the number of streams in the request.

The maximum number of data points per advanced API feed GET request are 10,000 for strings and 550,000 for other data types (These amounts are subject to change as we evaluate the impact to our servers).
The maximum number of characters for a string sample is currently 255. We are starting with 255 but we could increase it as long as we decrease the maximum number of string intervals per request. Again, your feedback would be appreciated.

The average number of sub-second samples per stream per feed upload is limited to 5. For example, a single stream is limited to 50 samples over a 10 second upload time period. The GroveStreams production website is configured to optimally handle one second sample frequencies or higher, accurate to the millisecond. This limit allows for random events to generate some rapid sub-second samples but prevents devices from being configured with a sample frequency that is too small for the configuration settings we have applied to the public GroveStreams website.

GroveStreams Web Server Caching
The GroveStreams web servers will cache most API call responses for 10 seconds. Any transaction that returns a cached response will not be included in the monthly transaction count used for billing. Caching may prevent viral embeddable widgets from significantly increasing transaction counts.

Are These Limits Preventing you from Using GroveStreams?
Your home, organization, or business might not be able to use the public GroveStreams website because of one or more of the limits described above. If this is the case, consider leasing a private GroveStreams cluster that is configured to handle your specific use case. All of the above limits are configurable for leased GroveStreams instances.