API limitations in Shortcuts
There are a few limitations when working with APIs in Shortcuts:
OAuth: OAuth 2, a system of authentication that requires a user to manually enter their username and password on a login page, is currently not supported.
Various endpoints: APIs often have a variety of endpoints that you can use to request different types of data. Working with some APIs may require a series of API calls, first to retrieve current existing data, and then later to add, update, or delete more data.
Rate limiting: Many APIs have limitations on how often you can make requests. These restrictions are aimed at limiting abuse of an API service in case someone makes thousands or millions of requests programmatically. API services can be limited by hour, day, or month, or may require you to pay for API access after exceeding these limits.
Note: Usage of any web APIs in Shortcuts is subject to any terms and conditions of that service.
Because you’re creating a custom API key for your own use within Shortcuts, you probably won’t reach the usage limits. However, using Repeat actions to make a large number of requests in a short period of time may lead to usage overages. If you do reach a usage limit, you may need to wait until your service is restored and/or batch your processes to perform a limited amount of operations at a time.