i am an intern doing a graduatesdegree in programming.

The company "employing" me asked of me to make an application for e-invoicing. This application makes use of an API with a rate limit (token bucket style: 60 calls/minute, fills with 10/10 sec. max 60 tokens).

There is one API key for the company. The problem is this company has a daughter company that will make use of the same API key (before you say "to ask for two", this is not negotiable lol). This means 2 instances of the program both using the same API with same key.

The users open an instance of the frontend wich is connected to the backend trough the use of a REST API. This means communication between the two is possible when both are active at the same time.

What would be a good way to decide how many tokens one instance of the application can use? Is it a good practice to just let the user only use 30 tokens that way there will never be a problem?

I'm struggling to solve this problem effeciently...

I apologise for my bad English.