Rate limiting is a technique we use to ensure a fair experience for all users of our API. It prevents any user from overloading the system with too many requests in a short time.

We use a method called the Leaky Bucket approach. Imagine you're filling a bucket with water. If you add water too fast, it will overflow. But if you add water at a steady pace, it won't. The same principle applies to sending requests to our API.

We measure the "weight" of your requests using a complexity counter, similar to the system used by Shopify . Each app can send requests with a total complexity of 1000 per minute. If you exceed this limit, you'll be temporarily blocked.

Queries and mutations are types of requests. Most queries have a complexity of 0 or 1. Mutations usually have a complexity of 10 or 20. So, if a mutation has a complexity of 10, you can send 100 of these per minute before you hit the limit.

Each request response includes an extensions block that shows your current usage status.

• currentlyAvailable : How much of your complexity limit you have left.
• restoreRate : How much of your complexity limit is restored each minute.
• maximumAvailable : The maximum complexity you can use in a minute.

If you exceed the rate limit, you'll receive an error message and information about when you can send requests again.

• retryAfter : How long you need to wait (in seconds) before you can send requests again.

Here are some strategies to avoid hitting the rate limit:

• Use an exponential backoff system.
• Queue your requests and send them based on complexity limits.
• Spread out your requests over time.