End user rate limit on external websites

Question

When embedding AgenticFlow agents as widgets or apps on an external website, is there a way to set rate limits or usage quotas for end users?
Specifically, can I restrict how many times or how frequently an individual user (or IP) can trigger the agent, to prevent abuse or excessive credit consumption?
If yes, how granular is this control (per day, per month...?), and is it configurable from within the AgenticFlow dashboard?

SeanP_AgenticFlowAI · Answer

Hey Thomas8Way,\u000a\u000aThat\u0027s a really important question for managing embedded agents and controlling usage!\u000a\u000aCurrently, AgenticFlow does not have a built\u002Din, user\u002Dfacing feature directly within the dashboard to set granular rate limits or usage quotas per individual end\u002Duser (or IP address) interacting with an embedded agent widget or app on an external website.\u000a\u000aOur current rate limiting is primarily at the workspace/account level for overall API calls to prevent system\u002Dwide abuse, and credit consumption is tracked at the workspace level.\u000a\u000aHow to Approach This Currently \u0026 Future Considerations:\u000a\u000a1. Your Application Layer (If using API/Boilerplate):\u000aIf you\u0027re using our API to build a custom frontend for your agent (e.g., with the Next.js boilerplate: https://github.com/PixelML/agenticflow\u002Dboilerplate), you would implement end\u002Duser rate limiting and session management within your own application\u0027s backend logic.\u000aYour application would authenticate/identify users (or track IPs), count their interactions with your AgenticFlow\u002Dpowered backend, and then decide whether to proxy their request to AgenticFlow or block it based on your defined limits.\u000a\u000a2. For Standard Widget Embeds (More Limited):\u000aWith the direct script embed for the chat widget, there\u0027s no direct mechanism within AgenticFlow to say \u0022User X from IP Y can only chat 10 times today.\u0022\u000aYou could potentially implement some client\u002Dside JavaScript on your website to try and limit widget interactions from a single browser session, but this is less robust and can be bypassed.\u000a\u000a3. Roadmap Feature \u002D Granular Usage Controls:\u000aThis is a very valid and needed feature, especially for public\u002Dfacing agents. The ability to set per\u002Duser, per\u002DIP, or per\u002Dsession limits on embedded agents is definitely something we see the value in.\u000a\u000aPlease add this as a specific feature request (or vote if it exists) on our public roadmap: https://agenticflow.featurebase.app/. Title it something like \u0022Per\u002DEnd\u002DUser Rate Limiting/Quotas for Embedded Agents.\u0022 The more community demand we see, the higher we can prioritize it.\u000a\u000aIn short:\u000a\u002D No direct, built\u002Din dashboard controls for per\u002Dend\u002Duser rate limiting on embedded widgets yet.\u000a\u002D If using our API for a custom app, implement rate limiting in your application.\u000a\u002D This is a key area for future development, so please make your voice heard on the roadmap!\u000a\u000aWe understand the importance of preventing abuse and managing costs for publicly accessible agents, and we\u0027ll be looking to enhance these controls.\u000a— Sean

AgenticFlow

Share AgenticFlow

Related questions