Hello,
I'm a developper for a French Youtuber (https://www.youtube.com/channel/UCk5fFxZePtpX1QLM7edDsNA) and we are organizing a big event on Minecraft with more than 1000 players.
For this, we created a registration website which use the Microsoft login to check if the user have a Minecraft account and register him.
For that we are using this flow : https://wiki.vg/Microsoft_Authentication_Scheme
Everything works but when we have some registrations in same time (like the time we announced this event), all the request from our server to your API (`api.minecraftservices.com/authentication/login_with_xbox` and `api.minecraftservices.com/minecraft/profile`) we got `429 Too Many Requests` and this is a big problem!
I tried to spam requests on my computer, and after only 4 or 5 requests I'm locked because too many requests.
The only solution is to have different IPs but it is a big deal...
It is important to note that making requests from our server ensures better security and authenticity of the accounts created.
Is it possible to have some solutions to fix this?
Thanks in advance.
Hello Valentin, it sounds like our protection mechanisms work as intended. We did not develop our APIs with the intent to allow developers to integrate towards it to mass-authenticate players - or as you put it, handle "spam requests".
If you need this for an event you can create a support ticket and we can review it on a case-by-case basis. Please make sure to include your IP address and the duration of the event.