Production Board
Rate limits
How Production Board throttles incoming traffic.
Production Board applies two layers of token-bucket throttling. Per-IP buckets protect the deployment from abusive clients; per-token buckets (PATs only) protect against a single token replayed from many IPs. On exhaustion, responses return 429 with a Retry-After header in seconds.
Limits
| Authenticated reads (per IP) | 600 / min |
| Authenticated writes (per IP) | 180 / min |
| Per token (combined, PATs) | 1200 / min |
Behaviour under load
On exhaustion every endpoint replies with 429 Too Many Requests and a Retry-After header in seconds. The frontend client honours it automatically: follow-up calls within that window are short-circuited locally with a synthetic 429 so a queue can't compound the server-side ban.