This is an accepted solution.
The Checkout API is treated the same as the server side API rate limit. We've never experienced this with our app, but one of our high-volume merchants noted it happened recently with another app.
I hope this helps!
How is this solved? Rate limits are definately going to mess up with a private app because there has to be one backend server and thus one IP adding products to carts, etc. I can't find good information on this, just a bunch of extra work recommendations to get back to the basics of being able to just use a server without getting throttled. I can make my own e-commerce solution if that's what Shopify wants to do here. What are we even paying for?
I'm sure they do encourage that but there are CORS errors and so it's impossible. How are there not better docs on CORS. There are soooo many questions in this forum that don't answer the questions that are asked. They just say, sorry actually you are encouraged to do this other thing that you didn't ask about.