Skip to main content

I'm working with my coder on a script for sending SMS. It is server-based and no user interaction. The PHP script is performing the Authorization Code Flow and getting a token for the instance each time the script is called (/restapi/oauth/token). This appears to not be the preferred method as there is a limit of "5 requests / 60 secs". So if we attempt to send more than 5 SMS requests in a 60 second period, we are getting rejected with "Request rate exceeded", I believe because the multiple token requests.


What is a better way to code this to avoid the Rate request exceeded error response? We do not have a way to multithread or internally cache the token information.


We also are not using the PHP SDK. When I looked at it, the documentation in the middle/bottom of the page is pretty sparce (https://github.com/ringcentral/ringcentral-php) on how it works and if this would resolve the issue. If calling $sdk->platform()->loggedIn(); each instance the script is called, what is returned? Does it returns that we are still logged in (authenticated) and we can continue forward with the SMS, thereby avoiding the token calls that trigger the "Request rate exceeded" error?

Ryan,

The better approach would be to locally cache the tokens once you authorize and use it to send sms.

Session Variables

Once you Login using the below SDK method
$sdk->platform()->login()   
you could store the token information into a session variable ( $_SESSION['sessionAccessToken'] ) and re-use this token to set the auth data on the auth object as
$platform->auth()->setData((array)json_decode($_SESSION['sessionAccessToken']));

Cache Locally

With this approach, you would instead store the tokens locally in a file or a cache implementation and re-use the same to set the auth data and make the API call to send SMS

One of the publicly available libraries which you could use is :
StashPHP
$sdk->platform()->loggedIn()
is used to check if the platform instance is loggedIn ( would return 'true' if the accessToken is valid ) which would serve as the initial entry check to make sure the platform object is active ( as the tokens are valid ) and you could then use it to make any API calls, SMS in your case. 


Not sure, but official PHP SDK would have been better... Anyways, yes Caching is one of the best way to avoid API limit access. The access token has an duration of 1 hour and refresh token has duration of a week. So, caching the access token till an hour and generating the token again after an hour from refresh token and use the API


Reply