Rate Limiting
Understand API rate limits, response headers, and how to handle 429 Too Many Requests errors.
The API enforces rate limits to ensure fair usage and service stability.
Limits
| Context | Limit |
|---|---|
| Authenticated requests (per API key) | 120 requests / minute |
| Unauthenticated requests (per IP) | 20 requests / minute |
Rate limit headers
Every response includes headers showing your current rate limit status:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests allowed per window |
X-RateLimit-Remaining | Requests remaining in the current window |
X-RateLimit-Reset | Unix timestamp when the window resets |
Handling rate limits
When you exceed the rate limit, the API returns 429 Too Many Requests:
{
"error": {
"type": "rate_limit_error",
"message": "Rate limit exceeded. Please retry after the Retry-After period.",
"code": "rate_limited"
}
}The response includes a Retry-After header with the number of seconds to wait before retrying.
Best practices
- Check headers proactively. Monitor
X-RateLimit-Remainingto avoid hitting the limit. - Implement exponential backoff. When you receive a 429, wait for the
Retry-Afterduration, then retry with increasing delays. - Cache responses. If your integration reads the same data repeatedly, cache it locally to reduce API calls.