This is a very bad idea. On the API side, “blocking without warning” usually results in a lot of extra load. While you cannot prevent malicious code from placing enormous load on an API, you SHOULD tell your users when they have exceeded a limit and you SHOULD tell them how long to wait before running another request. This makes it possible to write a well-behaved API consumer that reacts to operational conditions without intervention.

This is also a very important part of the API design contract — tell your users how to interact with your API. When I am calling an API, I love the 429 status code with a Retry-After header. My code backs off until whatever condition is occurring on the other side resolves.