Authentication and Security
Authentication
Any unauthenticated requests against our public API are assigned a service role with limited permissions. This means that you do not need to explicitly set authentication on the requests that you make against our API.
While our entire API is exposed through introspection, only the queries and mutations documented on this site are fully supported. This means if you attempt a query or mutation that the service role does not have permissions to do, you will receive an unauthorized response from the API.
Contact our Support Team at support.online.church if there are operations you are attempting that are not currently authorized.
Security
Rate Limiting
Requests are rate limited at 200 requests per minute per domain. When going over that limit you will begin receiving 429 Too Many Requests
responses from the API.
If you expect to go over this limit we suggest implementing a server cache of this data on your website.
Updated about 4 years ago