I'm concern about the Rate Limits mentioned in https://api.labs.sophos.com/doc/index.html. I have an application that is used by many users which allows them to send files for analysis. The application uses the same Authorization Access Key across all the different users.
How the rate limit works, by IP/Access Token or by Access Key?
As mentioned in the comments the rate limit is applied per customer, i.e. per set of credentials used.
There is no limit applied by IP address.