# Rate Limits


There are no per-key quotas in v1 (the API is [open and read-only](./authentication)). To keep the
service healthy for everyone, traffic is protected at the edge:

- **Rate limiting** — abusive request rates from a single IP are throttled (a rolling
  per-IP limit at the CDN edge). Normal browsing and scripted discovery are well within bounds.
- **IP reputation** — requests from known-bad IP ranges are blocked.

## Be a good citizen

- **Cache** — responses are cacheable at the edge; repeated identical queries are cheap. Cache on
  your side where you can.
- **Paginate** — use `page` + `limit` (max `limit=100`) instead of hammering large result sets.
- **Select artifacts** — request only the `artifact_types` you need, and add `include=content` only
  when you actually need the bytes (OpenAPI specs are large).

If you have a high-volume or commercial use case, get in touch via [apis.io](https://apis.io/) —
the contract is API-key-ready for metered tiers.