The problem with code-defined ratelimits is that managing different limits per user is not really feasable. You’d need to keep a list of identifiers hardcoded in your code and redeploy your application whenever one of them changes. With unkey you can add custom overrides dynamically and we’ll roll them out to every edge location quickly.

Overriding limits for an identifier

1

Head over to your namespace page

Click “Ratelimit” in the sidebar > select your namespace > Overrides
2

Create a new override

Enter the identifier to override, a custom limit and custom duration.
3

Save

Click Create to roll out the override globally. It may take up to 60s at most but is usually done in just a few seconds.From now on, when the specified identifier gets ratelimited, it’ll use the custom limits, rather than what is defined in your code.

Wildcard Rules

You can use wildcards (*) in your override to match multiple identifiers. Exact override matches take precedence over wildcard matches, but there’s no guarantee of order between multiple wildcard matches yet. Example: Given a base limit of 10/60s and these overrides:
  • *@domain.com: 20/60s
  • hello@domain.com: 100/s
This would result in the following applied ratelimits:
requested identifiermatchused ratelimit
abc@domain.comwildcard20/60s
hello@domain.comexact100/s
xyz-10/60s
Here’s an example of setting higher limits for all emails from the customer.com domain.

Examples

overridematches
*@domain.com1@domain.com, hello@domain.com
invite:*invite:abc, invite:hello world
prefix*suffixprefixhelloworldsuffix