TypeScript SDK Integration
LimitYourAPI TypeScript SDK with full type definitions for Node.js and edge runtimes.
TypeScript SDK Reference Guide
The LimitYourAPI TypeScript SDK provides complete static type definitions and structural interfaces for building robust, type-safe rate limiting mechanisms. For a quickstart focus with Express middleware examples, see the [JavaScript SDK](/sdk/javascript).
1. Installation
`bash
npm install limityourapi
`
2. Types & Interfaces
The SDK exports strong type contracts for both input options and output decisions.
`typescript
export interface LimitOptions {
apiKey: string;
timeout?: number; // Socket timeout in milliseconds (default: 1000)
failOpen?: boolean; // When true, allows traffic if Redis/API is offline (default: true)
maxRetries?: number; // Automatic retry attempts for network failures (default: 3)
}
export interface CheckParams {
key: string; // Rate limit identifier (e.g. user ID, IP, or token hash)
route: string; // The path or action being rated (e.g., "GET /items")
cost?: number; // Weight of the request (default: 1)
}
export interface CheckResult {
allowed: boolean; // Rate decision
limit: number; // Maximum quota limit
remaining: number; // Remaining requests in window
reset: number; // Unix timestamp when rate limit resets
retryAfter: number; // Time in seconds to wait before retrying (0 if allowed)
}
`
3. Advanced Configuration
Initialize the client with complete type validation and configuration tuning:
`typescript
import { LimitYourAPIClient, LimitOptions, CheckParams, CheckResult } from 'limityourapi';
const config: LimitOptions = {
apiKey: process.env.LIMIT_YOUR_API_KEY || '',
timeout: 500, // Fast timeout budget of 500ms
failOpen: true, // Fail-open for user experience resiliency
maxRetries: 2
};
const limiter = new LimitYourAPIClient(config);
async function handleRequest(userId: string, path: string): Promise
const params: CheckParams = {
key: userId,
route: path,
cost: 1
};
const decision: CheckResult = await limiter.check(params);
if (!decision.allowed) {
throw new Error(Rate limit hit. Retry in ${decision.retryAfter} seconds.);
}
}
`
4. Production Checklist
- Always pass a secure API key (
rl_...) loaded via environment variables. - Enable
failOpen: truein production to prevent caching layer outages from dropping client requests. - Configure socket timeouts (
timeout: 1000) to maintain low latency bounds. - Set custom key identifiers to trace limits by authenticated User ID rather than shared client IPs.
Rate Limiting Glossary
Understanding rate limiting terminology helps teams communicate requirements clearly across engineering, product, and security teams for TypeScript SDK.
| Term | Definition |
|---|---|
| Rate limit | Maximum number of requests allowed in a time window |
| Quota | Total allowed usage over a longer period (daily, monthly) |
| Token bucket | Algorithm allowing bursts up to bucket capacity with steady refill |
| Sliding window | Counts requests in a rolling time window for precise enforcement |
| Fail-open | Allow requests when rate limiter is unreachable |
| Fail-closed | Reject requests when rate limiter is unreachable |
| 429 HTTP Status | Standard HTTP status code for rate limit exceeded |
| Retry-After | Header indicating seconds until client should retry |
| Identifier / Key | Unique string identifying the client for rate limiting |
| Express Middleware | In-app route handler that intercepts incoming Node requests |
| Event Loop | Single-threaded execution loop in Node.js that must remain non-blocking |
| Async Caching | Non-blocking execution hooks validating keys concurrently |
Next Steps
Ready to protect your API with production-grade rate limiting? Here is the recommended path for TypeScript SDK:
- Create a free account at [limityourapi.tech/login](/login) — no credit card required for the Hobby tier
- Generate an API key in the dashboard under API Keys
- Install the SDK: Run
npm install limityourapiand follow the [Node.js](/sdk/nodejs) guide - Follow the quick start guide at [/quickstart](/quickstart) for a 2-minute integration
- Configure rules in the dashboard for your highest-risk endpoints first
- Monitor analytics to tune limits based on real traffic patterns
Questions? Read the [documentation](/docs) or explore the [rate limiting education hub](/learn) for deep technical guides on algorithms, architecture, and production patterns.
Frequently Asked Questions
What is API rate limiting?
API rate limiting controls how many requests a client can make in a given time window. It protects backends from abuse, ensures fair usage across tenants, and prevents cost overruns from traffic spikes or malicious bots.
Why use Redis for rate limiting?
Redis provides sub-millisecond latency, atomic operations via Lua scripts, and horizontal scalability. Centralized state ensures consistent limits across distributed application servers.
How fast is LimitYourAPI?
LimitYourAPI delivers rate limit decisions in under 15ms globally using atomic Redis Lua scripts. This is fast enough for inline middleware without adding perceptible latency to API responses.
Does LimitYourAPI support token bucket and sliding window?
Yes. LimitYourAPI supports token bucket, sliding window, fixed window, and cost-aware algorithms. You can configure per-route strategies without changing infrastructure.
Can I migrate from express-rate-limit or Cloudflare?
Yes. LimitYourAPI provides migration guides with before/after code examples for express-rate-limit, Cloudflare, Upstash, Arcjet, and other providers.