Rate limiter blocking valid requests

The rate limiter erroneously blocks legitimate API requests when multiple endpoints are called in quick succession. Users encounter “429 Too Many Requests” even at low volume. Adjusting token bucket settings and endpoint whitelisting will prevent false positives.