Limits

The Fullstory API employs a number of safeguards against bursts of incoming traffic to help maximize its stability. Users who send many requests in quick succession may see error responses that return a 429 response code. We have several limiters in the API, including:

Rate Limits

• Limits the number of requests received by the API within any given second. For most APIs this limit is set such that it should not be hit under realistic load.

• Limits bursts of requests that may exceed the standard rate for a short period of time. Should the burst limit be exceeded, it will recharge over time.

Payload Size Limits

• Limits the size of requests received by the API. For any endpoint that has a payload limit, that information will be provided with the given endpoint.

Handling Limiting Gracefully

When a rate limit is hit a Retry-After header will be included with the response. This header will contain the number of seconds that you should wait before attempting to send another request.

Identifying Unique Users

The Fullstory API gives you the ability to identify unique visitors to your site.

The identity API methods should only be used to identify known users that you can identify within your application. In other words, you know who they are and they have some kind of unique customer ID with your application.

Do not use the identify API methods for guest users, anonymous users, or "groups" of unidentified users. You can still set properties for those users, but don't attempt to set a unique identifier for them.

The following table contains information about how to best set properties for identified and anonymous users on various platforms:

Platform	Identified users	Unknown users
Browser	Identify Users	Set User Properties
Mobile: Android	Identify User	Set User Properties
Mobile: Flutter	Identify Users	Set User Properties
Mobile: iOS	Identify Users	Set User Properties
Mobile: React Native	Identify Users	Set User Properties

For setting user properties via the Server API, see Create User and Create Event, ensuring you only supply unique uid values for known users.

Limits for Identifying Users

Improper use of the identity API methods can lead to an exceptionally high number of sessions being associated with a single uid, which Fullstory refers to as a "mega user".

Mega users—which can occur when the identify API methods are used incorrectly—can negatively affect the usability of the Fullstory platform as well as overall performance.

If mega users are identified on your account, Fullstory Support may reach out to account administrators to take corrective action. Fullstory reserves the right to suspend data capture in the event that your account's usage degrades overall system performance.

Fullstory will flag the user as a "mega user" when the following thresholds are met:

• Surpassing 250 unique cookies associated with a single uid in a day
• Exceeding a consistent limit of 45 unique cookies for one uid

When a uid has been flagged as a mega user, Fullstory will stop coalescing new sessions associated with the mega user uid. Learn more.