

Screeps doesn't have a documented public Web API. However, if you want to use undocumented HTTP endpoints which our server uses to communicate with the client, that's fine. We've developed an authentication tokens system to make this process easier for you.

The regular web browser client uses Google Invisible reCAPTCHA to validate some requests in the background, including the sign-in request. The Steam client uses an encrypted local Steam connection for a similar purpose. If you're building some external tool that doesn't require human interaction, you can generate a persistent auth token to make requests without solving CAPTCHA. Such a token is generated once and doesn't have an expiration time.

You can generate an auth token in your account settings.

A token with full access will have the same access scope as your usual authentication credentials. You can also limit the access scope to selected endpoints, websockets events and memory segments.

There are two identically valid ways to use this token:

Set X-Token header in your request:

    X-Token: 3bdd1da7-3002-4aaa-be91-330562f54093

Add _token query param to the URL:

    https://screeps.

Regular requests made by browser or Steam client are NOT rate limited. However, all requests authenticated by auth tokens are subject to rate limiting rules. When rate capacity is exceeded, you will get 429 HTTP code in response:

    HTTP/1.1 429 Too Many Requests
    Rate limit exceeded, retry after 51243ms

Three HTTP headers are set for informational purposes which you can use to handle rate limiting on your side:

The maximum number of requests you're permitted to make per limit window.

The number of requests remaining in the current rate limit window.

The time at which the current rate limit window resets in UTC epoch seconds.

There are two levels of rate limiting: global and per-endpoint, shown in the table below:
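One way an external tool can act on these signals (an added example, not Screeps code): it computes how long to pause from a 429 body or from the informational headers, and strips a _token parameter from URLs before they are logged, since a non-expiring token in a URL ends up in access logs and shell history. The header names X-RateLimit-Remaining and X-RateLimit-Reset, the example.invalid URL and all function names are assumptions; the sample responses are constructed.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Assumed header names: the names themselves did not survive on this page.
H_REMAINING = "X-RateLimit-Remaining"
H_RESET = "X-RateLimit-Reset"
RETRY_RE = re.compile(r"retry after (\d+)ms")


def auth_headers(token):
    """Send the token in the X-Token header so it never appears in a URL."""
    return {"X-Token": token}


def scrub_url(url):
    """Drop a _token query param before a URL is written to logs."""
    parts = urlsplit(url)
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if k != "_token"]
    return urlunsplit(parts._replace(query=urlencode(query)))


def wait_seconds(status, headers, body, now):
    """Seconds to pause before the next token-authenticated request."""
    if status == 429:
        m = RETRY_RE.search(body)
        if m:  # the server states the delay in milliseconds
            return int(m.group(1)) / 1000.0
    # Header names are case-insensitive; normalise before lookup.
    h = {k.lower(): v for k, v in headers.items()}
    reset = h.get(H_RESET.lower())
    remaining = h.get(H_REMAINING.lower())
    exhausted = status == 429 or remaining == "0"
    if exhausted and reset is not None:
        return max(0.0, float(int(reset) - now))  # reset is UTC epoch seconds
    return 1.0 if status == 429 else 0.0  # 429 with no hint: minimal pause


# Constructed sample response body (not captured from a real server).
SAMPLE_429_BODY = "Rate limit exceeded, retry after 51243ms"

if __name__ == "__main__":
    print(wait_seconds(429, {}, SAMPLE_429_BODY, now=1700000000))
    print(wait_seconds(200, {"x-ratelimit-remaining": "0",
                             "x-ratelimit-reset": "1700000030"}, "", 1700000000))
    print(scrub_url("https://example.invalid/api/x?_token=SECRET&shard=s0"))
```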
