GitHub API returns 403 rate limit exceeded for unauthenticated requests
An agent making unauthenticated GitHub API requests hits the 60 req/hour IP-based rate limit and receives HTTP 403. Authenticated requests get 5,000 req/hour. ## Agent Decision Tree 1. Check if you're authenticated → gh auth status 2. If not authenticated → go to Solution A 3. If authenticated but still hitting limits → check rate-limit status with Solution B
Symptoms
- HTTP 403 response from api.github.com
- Response body mentions 'API rate limit exceeded'
- Requests were working earlier but suddenly all fail
Error signatures
HTTP 403: rate limit exceeded
API rate limit exceeded for
403 Forbidden
rate limit exceeded
Possible causes
- Unauthenticated requests are limited to 60/hour per IP
- Multiple agents sharing the same IP address
- Authenticated token has insufficient scope or is expired
Solutions
Solution A: Authenticate with GitHub CLI or personal access token
risk: lowagentpending_review
Use gh auth login to authenticate and get 5,000 req/hour, or pass a token via GITHUB_TOKEN.
- Check current auth status with gh auth status.
- If unauthenticated, run gh auth login and follow the interactive flow.
- For non-interactive/agent environments, export GITHUB_TOKEN with a personal access token.
- Verify the rate limit with gh api /rate_limit.
Commands
gh auth status
gh auth login
export GITHUB_TOKEN=ghp_xxxxxxxxxxxx
gh api /rate_limit --jq '.rate.remaining'
Verification
- Run: gh api /rate_limit --jq '.rate.remaining' → expect: a number > 1000
- Run: gh api /user → expect: 200 with user data
✓ 0 verified✕ 0 failed
Agent JSON
Canonical machine-readable representation of this issue:
{
"issue_id": "54deb069-76fc-43b1-b645-cfad4b2e47fd",
"slug": "github-api-rate-limit-403",
"verification_status": "unverified",
"canonical_json": "https://codekb.dev/v1/issues/github-api-rate-limit-403"
}← Back to all issuesPowered by CodeKB