Rate Limits

The only rate limits are on the /users and /login endpoints to stop users from crashing the server with password encryption and decryption.

The rate limit is 1 request per second with a burst of 5. If you exceed this limit, the API will respond with an HTTP 429 error ("Too Many Requests"). It will keep responding like that until you go below the rate limit. There's no "cool down" if you reach the rate limit. Just don't go above 1 request per minute. This rate limit applies per IP, not per user.