This page contains information on what methods are available in Ratelimit and how they can be used. For information on the cost of these operations in term of number of Redis commands, refer to the Costs page.


The limit method is the heart of the Ratelimit algorithm.

  identifier: string,
  req?: { geo?: Geo; rate?: number },
): Promise<RatelimitResponse> 

It receives an identifier to rate limit. Additionally, it can be passed a req parameter which can contain either a geo or a rate field. geo field is passed to the analytics but is not in use currenlty. The rate field determines the amount of tokens/requests to subtract from the state of the algorithm with regards to the provided identifier.

The limit method returns some more metadata that might be useful to you:

export type RatelimitResponse = {
   * Whether the request may pass(true) or exceeded the limit(false)
  success: boolean;
   * Maximum number of requests allowed within a window.
  limit: number;
   * How many requests the user has left within the current window.
  remaining: number;
   * Unix timestamp in milliseconds when the limits are reset.
  reset: number;

   * For the MultiRegion setup we do some synchronizing in the background, after returning the current limit.
   * Or when analytics is enabled, we send the analytics asynchronously after returning the limit.
   * In most case you can simply ignore this.
   * On Vercel Edge or Cloudflare workers, you need to explicitly handle the pending Promise like this:
   * ```ts
   * const { pending } = await ratelimit.limit("id")
   * context.waitUntil(pending)
   * ```
   * See `waitUntil` documentation in
   * [Cloudflare](
   * and [Vercel](
   * for more details.
   * ```
  pending: Promise<unknown>;


In case you don’t want to reject a request immediately but wait until it can be processed, we also provide

  identifier: string,
  timeout: number
): Promise<RatelimitResponse>

It is very similar to the limit method and takes an identifier and returns the same response. However if the current limit has already been exceeded, it will automatically wait until the next window starts and will try again. Setting the timeout parameter (in milliseconds) will cause the returned Promise to resolve in a finite amount of time.

// Create a new ratelimiter, that allows 10 requests per 10 seconds
const ratelimit = new Ratelimit({
  redis: Redis.fromEnv(),
  limiter: Ratelimit.slidingWindow(10, "10 s"),
  analytics: true,

// `blockUntilReady` returns a promise that resolves as soon as the request is allowed to be processed, or after 30 seconds
const { success } = await ratelimit.blockUntilReady("id", 30_000);

if (!success) {
  return "Unable to process, even after 30 seconds";
return "Here you go!";
In Cloudflare, blockUntilReady will not work as intended due to not behaving the same as in Node environments.

For more information, check:


This method resets the state of the algorithm with respect to some identifier:

ratelimit.resetUsedTokens(identifier: string): Promise<void>


This method returns the remaining tokens/requests available for some identifier:

ratelimit.getRemaining(identifier: string): Promise<number>