I manage users of my API with Google Identity Plattform. To this end, I let users send their credentials (email/password) to my server which then sends requests to the identity plattform API for authentication (https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword). This happens a couple of times per hour (a couple of hundres of times) during a polling operation. The setup works well, until the server exceeds a certain number of API calls. At this point, the API returns:
{
"message": "QUOTA_EXCEEDED : Exceeded quota for verifying passwords.",
"domain": "global",
"reason": "invalid"
}
I tried looking for API limits online, but could only find this page on the Google Documentation. I cannot pin-point which limit it is am exceeding.
My question is, unless there is a simple limit to raise that API quota, am I doing something wrong? Should user authentication be handled differently in my case? Thanks for your help!
To reproduce the problem, the following python snippet should do the trick:
import requests
IDENTITY_PWD_SIGNIN_API = 'https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword'
IDENTITY_KEY = <key of google identity plattform>
EMAIL = <user email>
PASSWORD = <user password>
for idx in range(50):
response = requests.post(IDENTITY_PWD_SIGNIN_API + '?key=' + IDENTITY_KEY, data={'Content-Type': 'application/json', 'email': EMAIL, 'password': PASSWORD, 'returnSecureToken': True})
print(f'{idx}: {response.status_code}')