The Duda REST API is available over HTTPS only to ensure data privacy. Unencrypted HTTP is not supported. As of the current version, the Duda REST API is secured with HTTP Basic Authentication.
Duda recommends requiring a TLS connection instead of SSL. The Duda API does not accept SSLv3 connections, due to the POODLE venerability.
Duda no longer has any rate limiting on the platform. Since we released our new self-hosted analytics solution we no longer have API limitations.