Open
Description
We originally planned to rate limit authenticated users to one new server per user/org per day.
@SecretiveShell flagged: "please hold off on this for the initial week, as I and probably many other people would want to add their multiple existing servers in one go when it initially launches"
This makes sense to me. If we do enforce that rate limit, we'll want some initial grace period at least. But it may be worth reconsidering the rate limit pace altogether (maybe there will be plenty of use cases where e.g. an enterprise adopts MCP and wants to launch dozens of servers on one day?).
So I think:
- When we initially go-live, start with a looser limit, like 10 servers per use per day; make sure we have the data to retroactively analyze usage patterns on this front (e.g. timestamps of every publish action)
- After it had been live for a few weeks, analyze the data
- Adjust rate limits based on the data we're seeing
- Provide an escape hatch: allow folks to open a PR requesting a rate limit exception (e.g. a YAML file with rate limit exceptions)