Showing results for 
Search instead for 
Did you mean: 
Copilot Lvl 2
Message 1 of 5

API v4 abuse detection



I have a list of some ~2500 logins.  I'm running a script which makes queries to pull information about those logins.  Essentially, it's the same query over and over, accepting a login parameter.  Each query "costs" one (1) point.


AFAIK there's no way to "batch" these queries reasonably (which makes me wonder if a users endpoint is a feature that GitHub would consider implementing).  I found that running these queries in series is very slow), so I was trying to run them concurrently.


Running eight (8) requests concurrently seems to trigger the anti-abuse mechanism, and temporarily bans me.  Running two (2) concurrently seems to be safe, but it's still much slower than I'd like. 


This doesn't seem to be documented anywhere, so I'm hoping GH can give more clarity around this (unless it's risky to be more specific).  What's reasonable?

4 Replies
Community Manager
Message 2 of 5

Re: API v4 abuse detection

Hi @boneskull,


It's possible to "batch" multiple resources of different types if the resource's GraphQL Node ID is known. With the id's you can then run the following query that uses the nodes field passing an Array of Node IDs (both of which are type String) as an argument to the ids parameter to fetch both of them along with the name, avatar URL, and location:


query {
  nodes(ids: ["nodeid", "nodeid"]) {
    ... on User {

Rather than resolving the login String (username field) and obtaining more information from there, utilizing the Node ID and querying multiple nodes one time can be thought of as a more "performant approach" to take on (one query versus N queries).


I hope this helps!





Mark helpful posts with Accept as Solution to help other users locate important info. Don't forget to give Kudos for great content!

Copilot Lvl 2
Message 3 of 5

Re: API v4 abuse detection

Unfortunately, the Node ID is not known.  Just have a list of logins.  I could fetch these up-front then attempt to batch, but unsure if that entire operation would be any faster (without trying it).

Copilot Lvl 2
Message 4 of 5

Re: API v4 abuse detection

You should be able to batch those queries into bigger ones using aliases, c.f.:



query userTest{
  user1: user(login:"username 1") {
...userInfos }
user2: user(login:"username 2") {
user3: user(login:"username 3") {
# etc...
fragment userInfos on User {



Ground Controller Lvl 1
Message 5 of 5

Re: API v4 abuse detection

@AndreaGriffiths11 , how does this mechanism works?
I'm getting that message randomly. I've tested it in a lot of scenarios but I can't avoid it.