The page for the Requesting a token for the sign in site says that it’s rate limited
but the only further info I found regarding Rate limits is that for REST apis
"There are two initial buckets available for GET requests: 15 calls every 15 minutes, and 180 calls every 15 minutes."
the question is: what is with POST APIs like request_token?
This is especially important since it doesnt have a user auth yet in so it acts on behalf of the application, meaning that the rate limits can get tight.
when do you get the small and the large bucket in case of GET Requests?