Skip to main content

Breaking Change: Quota Headers Removed from API Responses

Date: July 17, 2025
Type: Breaking Change
Impact: Medium

Summary

To improve API performance and enable better caching, we have removed quota information headers from all API responses except the dedicated /api/v1/usage endpoint. This change enables Cloudflare to cache responses across users, resulting in significantly faster response times.

What Changed

Before

All API responses included these headers:

  • X-Quota-Used: Number of API calls used this month
  • X-Quota-Limit: Your monthly quota limit

After

  • Quota headers are only included in /api/v1/usage endpoint responses
  • All other endpoints no longer include quota information in headers
  • Rate limit headers (X-Rate-Limit-*) remain for Free tier users only

Why This Change

Including user-specific quota headers in every response prevented Cloudflare from caching responses, as each response was unique to the user. By removing these headers:

  • High cache hit rate achieved
  • Near-zero latency for cached responses
  • Better scalability with reduced server load
  • Lower costs through efficient edge caching

How to Check Your Quota

Use the dedicated usage endpoint to monitor your API usage:

curl -H "X-API-Key: YOUR_API_KEY" \
     https://api.cybersecfeed.com/api/v1/usage

Response:

{
	"data": {
		"usage": {
			"current": 1234,
			"limit": 30000,
			"reset_at": "2025-08-01T00:00:00Z",
			"percentage_used": 4.11
		}
	}
}

Migration Guide

If you were parsing quota headers:

Before:

response = requests.get("https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001",
                       headers={"X-API-Key": api_key})
quota_used = response.headers.get("X-Quota-Used")  # No longer available
quota_limit = response.headers.get("X-Quota-Limit")  # No longer available

After:

# Check quota separately
usage_response = requests.get("https://api.cybersecfeed.com/api/v1/usage",
                             headers={"X-API-Key": api_key})
usage_data = usage_response.json()
quota_used = usage_data["data"]["usage"]["current"]
quota_limit = usage_data["data"]["usage"]["limit"]

# Make your API calls
response = requests.get("https://api.cybersecfeed.com/api/v1/cve/CVE-2024-0001",
                       headers={"X-API-Key": api_key})

Best Practices

  1. Check quota periodically - Not on every request
  2. Cache quota locally - Update every few minutes
  3. Set up alerts - Monitor when usage approaches limits
  4. Handle gracefully - Don't block on quota checks

Performance Impact

  • Before: Slower response times due to user-specific headers
  • After: Near-zero latency for cache hits (majority of requests)
  • Result: Dramatic performance improvement for cached responses

Questions?

Contact support based on your subscription tier if you need assistance updating your integration:

  • Plus: Email support (24h response)
  • Pro: Priority support (8h response)
  • Business: Dedicated support team
  • Enterprise: Custom SLA support