2. User API Profiles¶
The User API Profiles admin page tracks per-user counters for the WHG public API and lets staff adjust individual users’ daily quotas — for example, to support a researcher running a bulk reconciliation against several thousand records.
2.1. Where to find it¶
Production: https://whgazetteer.org/admin/api/userapiprofile/
Development: https://dev.whgazetteer.org/admin/api/userapiprofile/
It also appears under API → User API profiles on the admin index.
2.2. What you’ll see¶
One row per user who has used the API at least once. (Profiles are created lazily on first use, so users who have never called the API won’t appear.) Columns:
Column |
Meaning |
|---|---|
user |
The Django user the profile belongs to. Click the username to open the user’s profile in the auth admin. |
daily_count |
Read-only. Number of API calls made today. Resets automatically at midnight UTC. |
daily_limit |
Editable. Maximum API calls per day for this user. Default is 5,000. |
total_count |
Read-only. Lifetime API call count for this user. |
2.3. Common tasks¶
2.3.1. Bumping a researcher’s daily quota¶
A researcher needs more than the default 5,000 calls/day for a bulk reconciliation:
Find the user in the list (Search by username or email at the top).
Click the row to open it (or use the inline-editable
daily_limitcolumn on the changelist).Set
daily_limitto the new ceiling — pick a number that comfortably covers the planned work. For one-off bulk jobs, double or triple the default is reasonable.Click Save.
The new limit takes effect immediately on the user’s next API call. Counters do not reset when the limit changes — if the user has already hit today’s old limit, they’ll need to wait until the daily reset (UTC midnight) before any new calls go through, even with a raised ceiling.
2.3.2. Resetting a user’s counter¶
There’s no “reset” button by design — daily_count resets automatically
at UTC midnight. If you absolutely need to clear it earlier, ask a
superuser to run UserAPIProfile.objects.filter(user__username='…').update(daily_count=0)
in the Django shell. Don’t do this routinely; raising daily_limit
is almost always the right answer.
2.3.3. Investigating heavy usage¶
Sort the changelist by total_count (descending) to see who has hit the API hardest over the lifetime of their account. The current daily_count column shows today’s activity. Spikes that look out of character — say, a normally light user suddenly at 4,800 against the default 5,000 — are worth a quick check before quotas trigger.
2.4. Permissions¶
Staff access is sufficient to view and edit daily_limit. The other
fields are read-only for everyone.