email.send
, which ratelimits users from sending OTP emails during login.
As identifier we’re using their email address.
Set Override
In this example, we’ll set an override for all users of our fictional customercalendso.com
.
How you detect a change is up to you, typically it’s either through a user or admin action, or some form of incoming webhook from your billing or auth provider.
tim@calendso.com
, it will use the override settings and ratelimit them to 10 per minute.