Development keys have low rate limits (typically 20 requests per second and 100 requests per 2 minutes per key); note these are per-key, not per-endpoint.
Personal API keys have slightly higher limits and are intended for personal projects not distributed to other users; they still require periodic renewal.
For public or commercial applications, submit a production key application in the developer portal: provide app description, expected traffic, use-case category, and agree to the developer policies.
Riot reviews production applications manually; include accurate traffic estimates and a working demo or detailed description — vague applications are commonly rejected or delayed.
Once approved, production keys have significantly higher per-region rate limits and do not expire daily; monitor your usage with the X-App-Rate-Limit-Count and X-Method-Rate-Limit-Count response headers.
Implement a retry strategy with exponential backoff on HTTP 429 responses and respect the Retry-After header; Riot may suspend keys for sustained rate limit abuse.
Known gotchas
Rate limits are enforced per routing region per key — you can be rate limited on americas while still having headroom on europe; track limits per region independently.
The production key application asks for a link to a live or demo application; submitting without one significantly reduces approval chances — build a minimal demo first.
Riot's policies prohibit storing certain player data (e.g., account information) beyond specified durations; production key approval implicitly requires compliance, and violations can result in key revocation.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp