X-rate-limit in response headers



I’m in the process of updating my company’s calls to the Twitter Ads API from version 3 to version 4.
As part of this, I’m updating our integration tests to validate the endpoints process requests correctly, and have determined that I’m getting rate limited on every request with my account.

My request looks like:

POST to https://ads-api.twitter.com/3/tailored_audience_memberships

Source JSON:

“operation_type”: “Update”,
“params”: {
“advertiser_account_id”: “:accountId”,
“membership_type”: “LIST_MEMBERSHIP”,
“user_identifier”: “f660ab912ec121d1b1e928a0bb4bc61b15f5ad44d5efdc4e1c92a25e99b8e44a”,
“user_identifier_type”: “EMAIL”,
“score”: 100,
“audience_names”: “:audienceName”,
“effective_at”: “2018-12-05T21:05:21Z”
}, {
“operation_type”: “Update”,
“params”: {
“advertiser_account_id”: “:accountId”,
“membership_type”: “LIST_MEMBERSHIP”,
“user_identifier”: “31611159e7e6ff7843ea4627745e89225fc866621cfcfdbd40871af4413747cc”,
“user_identifier_type”: “HANDLE”,
“score”: 100,
“audience_names”: “:audienceName”,
“effective_at”: “2018-12-05T21:05:21Z”
}, {
“operation_type”: “Update”,
“params”: {
“advertiser_account_id”: “:accountId”,
“membership_type”: “LIST_MEMBERSHIP”,
“user_identifier”: “bbaf670d8020f6e111d507df3e8a6a847a54bf3308ce4a8c7542771d2b23b094”,
“user_identifier_type”: “DEVICE_ID”,
“score”: 100,
“audience_names”: “:audienceName”,
“effective_at”: “2018-12-05T21:05:21Z”

With the values of :accountId and :audienceName matching the actual request.

{“request”:{“params”:{“version_number”:“3”}},“errors”:[{“code”:“TOO_MANY_REQUESTS”,“message”:“Too many requests”}]}

Status code: 429
From response headers, I have:
[x-rate-limit-limit, 0]
[x-rate-limit-remaining, 0]

It appears I am limited to sending 0 requests.
Can I get this updated?



This endpoint has been deprecated and will no longer be available as of 2019-02-28. You can use v4
Audience API Integration

For rate-limiting, please read this.

Also, please provide us your Ads account ID at least when you ask questions.



Thanks, I’m fully aware that the endpoint is being deprecated.
My original note says this “We are in the process to updating our software to use version 4.”
I need to make sure that my code works until we make this migration.

I intentionally did not provide my ads account ID for 2 reasons:

  • this is a public forum, and I don’t want this made public - our company takes anything with even a hint of an account ID very seriously
  • I figured that was something that could be looked up by you

If you’re asking then this ID isn’t as protected as I expect, so here it is: 18ce53worc8

The “rate limiting” article is no help because this is the only API call I’m making.
Here are 2 other values in the HTTP response:
[Date, Wed, 05 Dec 2018 21:06:07 GMT]
[x-rate-limit-reset, 1544044027]

The ‘rate limit reset’ value corresponds to one minute after the date value.
The response indicates I have effectively a limit of zero requests.


@BrianMCzako Thank you. Providing your account ID here is safe.

You said, both x-rate-limit-limit and x-rate-limit-remaining returned “0”, correct? It shouldn’t be 0 at least for x-rate-limit-limit header though. only on v3? or on v4 as well?

Also, you’re using user context OAuth authentication rather than Application-only authentication, correct?



Yes, they’re both “0” on v3. That is not a typo.
I’m still working on the v4 payload.

My authentication is using the methodology defined here


@BrianMCzako The best way to debug these kind of situation is to use twurl and see if you can reproduce even with this tool or not. Then, we can identify and isolate the issue more clearly.

twurl -X POST -t -H 'ads-api.twitter.com' '/3/tailored_audience_memberships' -d 'json_string'

This will show you all response header. Can you try and provide us your output (response headers)?



It looks very much the same as when I did it in code. But here you go:

-> “HTTP/1.1 429 Too Many Requests\r\n”
-> “connection: close\r\n”
-> “content-disposition: attachment; filename=json.json\r\n”
-> “content-encoding: gzip\r\n”
-> “content-length: 345\r\n”
-> “content-type: application/json;charset=utf-8\r\n”
-> “date: Fri, 07 Dec 2018 16:39:40 GMT\r\n”
-> “server: tsa_b\r\n”
-> “set-cookie: personalization_id=“v1_xIfM40JYwE16kl+s2ZN0KQ==”; Max-Age=63072000; Expires=Sun, 6 Dec 2020 16:39:40 GMT; Path=/; Domain=.twitter.com\r\n”
-> “set-cookie: guest_id=v1%3A154420078032426066; Max-Age=63072000; Expires=Sun, 6 Dec 2020 16:39:40 GMT; Path=/; Domain=.twitter.com\r\n”
-> “strict-transport-security: max-age=631138519\r\n”
-> “x-connection-hash: 74fb42b0d68567bb95bfb3500604aa91\r\n”
-> “x-content-type-options: nosniff\r\n”
-> “x-frame-options: SAMEORIGIN\r\n”
-> “x-rate-limit-limit: 0\r\n”
-> “x-rate-limit-remaining: 0\r\n”
-> “x-rate-limit-reset: 1544200840\r\n”
-> “x-response-time: 14\r\n”
-> “x-transaction: 00a05fa900cb7e9f\r\n”
-> “x-tsa-request-body-time: 1\r\n”
-> “x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report\r\n”
-> “\r\n”