I’m building using Pickaxe that connects to the OpenAI API. I’m concerned about users making excessive or even malicious requests (like refreshing the page repeatedly or using scripts) just to artificially increase my API usage and drive up my costs.
What are the best practices or technical solutions to prevent this kind of abuse?
Some specific concerns:
Rate limiting per user or IP
Blocking automated/bot traffic
Setting usage quotas per user
Detecting abnormal usage patterns
Does Pickaxe offer any built-in solutions for this, or should I implement a proxy API with my own controls?
There are different options depending on the tool you are using.
You can ask users to log in to use the tools, giving you more control over bots.
You can set tool usage limits for both guest users (no log-in required) and members (log-in required).
You can also create products where they can have a low threshold number of uses before they are asked to upgrade to a paid version.
With the pro version, you now have access to the APIs and you can build a scenario in Make that gives you the total number of uses per user. You can run it on a daily basis and block a user if you suspect it is a bot.
Finally, set a notification threshold and a budget limit in the OpenAI platform to avoid overspending.
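For the proxy option raised in the question, the gate below is an added example (not Pickaxe or OpenAI code, and not part of the original posts) that combines a per-minute rate limit, a daily quota with separate guest and member tiers, and a daily review that blocks keys which kept hitting the limits. The class name, the tier numbers and the `max_denied` threshold are assumptions for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Limits:
    per_minute: int  # ceiling within any 60-second window
    per_day: int     # daily quota

# Assumed tiers (guest vs. logged-in member); the numbers are placeholders.
TIERS = {"guest": Limits(3, 10), "member": Limits(10, 100)}

class UsageGate:
    """Decides whether a request may be forwarded to the paid upstream API."""

    def __init__(self, tiers=TIERS):
        self.tiers = tiers
        self.recent = defaultdict(deque)  # key -> allowed-call timestamps, last 60 s
        self.used = defaultdict(int)      # (key, day) -> allowed calls
        self.denied = defaultdict(int)    # (key, day) -> rejected calls
        self.blocked = set()

    def _decide(self, key, limits, day, now):
        if key in self.blocked:
            return "blocked"
        if self.used[(key, day)] >= limits.per_day:
            return "daily_quota"
        window = self.recent[key]
        while window and now - window[0] >= 60:  # drop calls older than the window
            window.popleft()
        if len(window) >= limits.per_minute:
            return "rate_limit"
        window.append(now)
        self.used[(key, day)] += 1
        return "ok"

    def check(self, key, tier, now):
        """key: user id for members, client IP for guests; now: epoch seconds."""
        day = int(now // 86400)
        reason = self._decide(key, self.tiers[tier], day, now)
        if reason != "ok":
            self.denied[(key, day)] += 1  # rejected attempts feed the daily review
        return reason == "ok", reason

    def daily_review(self, day, max_denied):
        """Block and return keys that kept hitting limits (likely scripted traffic)."""
        flagged = sorted(k for (k, d), n in self.denied.items()
                         if d == day and n >= max_denied)
        self.blocked.update(flagged)
        return flagged
```

Only requests for which `check` returns `True` are forwarded upstream, so rejected calls cost nothing; state is held in memory here and would need a shared store behind more than one proxy process.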