In the coming months we’ll be rolling out a new rate limiting feature for the Zamzar Developer API.
If you’re new to the concept, rate-limiting is a mechanism which allows service providers to keep track of the number of requests from users, and to place limits on those requests if there is a sudden influx, above what might be considered “normal” traffic levels.
This is beneficial for cloud services such as ours, as it enables our engineers to continue running a stable service for everyone, even if one user has code that is going haywire (this happens more than you might think!*). It also helps to protect services against Denial of Service (DoS) attacks, since the system can take steps to automatically protect itself.
We have been successfully applying rate limits to the Zamzar API sandbox environment (https://sandbox.zamzar.com) since August 2018 and will be extending this feature to users of the production API endpoint (https://api.zamzar.com) over the coming months.
We have put together a FAQ below to help you prepare for this change. For most customers nothing will change – 95% of you are well below any limits that will be put in place, and for customers that may be affected we’ll be emailing each of you individually over the coming weeks to give you a heads-up.
1. What’s changing?
In the coming months we’ll be applying rate limits to the https://api.zamzar.com endpoint. If your client code exceeds those limits you will receive an HTTP 429 “Too Many Requests” HTTP Header and JSON response with details on when you can retry your request:
2. What do I need to do?
Nothing immediately – we’ll be emailing customers likely to be affected by this change over the coming weeks (see the “timeline” below). For any customers likely to breach the new limits:
- If you have large numbers of files to convert, consider submitting new jobs in batches, or queue them up rather than submitting all at once.
- Consider polling the /jobs endpoint less aggressively (for example by using a constant sleep or an exponential backoff algorithm).
- If you are downloading a file with multiple output files download the ZIP of all those files rather than each file individually
- Make your code “rate limit” aware by checking for the HTTP 429 status and backing off requests if you receive this status.
3. Where can I read more?
We have a dedicated area in our documentation covering rate limits and how our API behaves if you hit those limits. Check it out at https://developers.zamzar.com/docs#section-Rate_Limits
4. What limits are already in place?
The following rate limits apply to the sandbox.zamzar.com endpoint. If you exceed these limits you will receive an HTTP 429 response from the API.
5. What are the new rate limits?
We will be introducing the following rate limits to the production API endpoint (https://api.zamzar.com):
6. How can I test?
If you would like to test your code with rate limits send a quick fire burst of HTTP GET requests (over 3 per second) to an API endpoint such as https://sandbox.zamzar.com/formats/gif – this will trigger the HTTP 429 “Too Many Requests” rate limit response from the Zamzar API.
7. What is the timeline?
1st Oct – 31st Oct 2018: Customers likely to be affected will be emailed.
1st Oct – 30th Nov 2018: Affected customers can take remediation steps.
1st Dec 2018: Rate limit changes launched.
8. Who can I contact if I have questions?
If you would like any further information about this feature or need to chat to someone within the team just email us at firstname.lastname@example.org – we are happy to help.
The Zamzar Team.
*Tight “for loops” with no sleeps anyone?