#how to use authRateLimits?

I see auth schema has authRateLimits defined and its in docs but not much info available on how to ratelimit the auth e.g. magic emails

The rate limiting is automatic. Convex Auth rate limits all sign-ins where users provide email + (short) secret, so in OTP and Password flows.

The library doesn't rate limit magic links (the code is long enough to not be bruteforceable) or OAuth.

You can configure the rate limit via this option:
https://labs.convex.dev/auth/api_reference/server#signinmaxfailedattempsperhour