PoE Trade API Questions
|
I'm currently writing a small program to help me with trade queries (I'm querying the item search, not the public stash tab listing).
I've noticed some headers related to rate limiting details and was wondering how to interpret this data so I don't spam the server. Headers: "x-rate-limit-ip": "20:5:60" "x-rate-limit-ip-state": "2:5:0" Does anyone know what these values translate to or what the normal rate limits are for querying the item or exchange search? Also, would including the session id (POESESSID) be of any use, or is that only going to be relevant when logging in to an account? Last bumped on Feb 20, 2018, 4:52:38 PM
| |
|
there is a dev forum for poe on reddit, it's linked from the poe reddit page.
age and treachery will triumph over youth and skill!
| |
|
Headers:
The "X-Rate-Limit-{Method}" format is a comma delimited list (,) of rate limiting rules, which themselves are delimited by colons (:). In this case there is only one rule so there are no commas. Each rule is made up of three parts: request limit, interval (in seconds), timeout (in seconds). For the trade limits, this means that you will be rate-limited for 60 seconds if you make more than 20 requests in 5 seconds. The "X-Rate-Limit-{Method}-State" format is similar (comma delimited then colon delimited), except shows the state for your connection. It's made up of: current hits, interval (the same as above), active timeout (in seconds). For the example you gave this means that you've made 2 requests towards the 5 second interval and are currently rate-limited for 0 seconds (ie. you're not limited). Other headers related to rate-limiting include: The "X-Rate-Limit-Policy" header shows the policy that's active on the API endpoint (searches/exchange queries use the same policy) so requests to either of these endpoints will contribute to the same rate-limit rules. The "X-Rate-Limit-Rules" header is just a comma delimited list of methods (as in "X-Rate-Limit-{Method}"). We also provide a "Retry-After" header that gives the time you're rate-limited for in seconds (if you are rate-limited). Including your session ID: Including your session ID ("logged in") will change how certain policies track your limits. In the case of the trade search policy, logging in will rate-limit you based on your account instead of your IP (with the same limits) and the rate-limit based on your IP will allow double the requests per interval. You can see this change in the headers if you try making requests with your session ID. I hope that helps! Good luck with your program. ✮
Web Developer ✮ View our Developer Docs ✮ | |
|
That explains everything. Thank you so much for the description. I'm glad I wrote a functional rate limiter for nodejs the other day.
GGG Support is the best. | |
|
I'm trying to build a webapp for trading purposes and I'd like to use the official trading API.
Ideally, I'd build an API (to store some informations and do some logic) that would ultimately use the pathofexile.com/trade API for item queries. I did not start yet because I think the IP rate limiting would be an issue since every users would share the same limit (the one of my backend server). One solution would be to call the pathofexile API directly from each client, but since the API is protected against CORS, this is not possible. The other solution would be to include the POESESSID but it's fishy and unintuitive to prompt the users for their session ID imho. My question is quite simple : did I miss something ? Maybe this API is not intended for projects like mine... If you want more clarifications, see my original thread on https://www.reddit.com/r/pathofexiledev/comments/7xw0cl/trade_api_cors_and_rate_limiting/ | |
" No, it's not, valve trade banned me for free(when i was trading skins, i've got a lot of reports for scamming), but after 2 months i've got unban cause they finally checked my trades (and all was good[all scammed offers were declined by me]), here they are not even trying to check my acc... Last edited by whatjusthappend on Feb 17, 2018, 9:41:29 PM
|
|
" The expectation is that your backend will use the API to fetch data, you will cache it locally, and then you will serve user responses based on that cache of information. So, while the PoE API rate limit will apply to your backend fetching data, it should not influence your serving from local cache to users. |
|
