How Bitbucket users get rate limited

person in white shirt using computer
Reading Time: 3 minutes

Token bucket technology is used for rate limitation. A user must pay one token for each REST API request they make when it is enabled. So to do so there several ways , lets discuss about how bitbucket user get rate limited.

Procedure for rate limiting


Rate-limiting objectives requests are sent using HTTP with bearer or basic authentication (such as REST API requests). It uses the token bucket algorithm to function. After being switched on:

  • Each user receives a “token bucket” holding all the tokens they are permitted to possess (this is their token bucket size).
  • One token is removed from their bucket each time they send an HTTP request.
  • Tokens are continuously added to their bucket until it is full (this is their token bucket refill rate)
  • The inability to make requests when their bucket is empty.

Activating rate limiting


Rate limitation cannot be activated unless you are a System Admin or Admin. When you first perform this, the following default values will be displayed:

  • Token bucket size -This is the total number of tokens that a user has access to. It establishes the most requests they can make in one burst. This is usually set to 60.
  • Token bucket refill rate – This represents how many tokens are added to a user’s bucket each second. The result affects their throughput. This is normally set to 5

Deactivate Rate limiting

  • Choose Rate Limiting from the cog symbol.
  • Set the state to “On.”
  • Change the size and fill rate of the token buckets as necessary.
  • Press Save.

The operation of rate limiting in a cluster

Each node of your instance, which consists of a group of computers behind a load balancer, will have a distinct token bucket for each of your users. However, this implies that each of your users will have three token buckets if you have three nodes.

Identifying users with rate limits

When a user is rate limited, they will be immediately aware since they will receive an HTTP 429 error notice (too many requests).

Moreover, there are two approaches to determining whether customers have rate limits:

  1. On the rate-limiting settings page, you can view the User’s rate limited in the last 24 hours table.
  2. In the Bitbucket access log, you can find more specific details. However, an event with the label “rate-limited” will be recorded each time a user has their rate limited.

Ways to help customers escape rate restrictions


Those who are experiencing rate limits can avoid this from happening and also support their team by making a few easy modifications. They can:

  • By developing scripts that wait for each REST request to complete before launching another, tight loops can be avoided. However, they might think about sending each REST request separately and just sending a new one once the previous one has been completed, for instance, if they are being used to populate a wallboard.
  • Do not create several threads that are all making requests.



The rate-limiting feature of Bitbucket is used to keep the API usage within limits which would not lead to excessive use of API hits and degrading the performance of the instance. However, rate limiting helps in keeping up the instance performance efficient.