The API is rate limited per minute and different resources have different limits. If a resource is 10 per minute that means for a time period of 16:20:00 to 16:21:00, only ten requests are allowed for the period (dictated by server). The rate limiter does allow bursting so if no requests have been received between 16:20:00 and 16:20:50, and then 10 are received over the next 10 seconds, they should all succeed.
You must implement suitable error handling for 429 responses. Using an exponential backoff with a random jitter is the recommended way to handle 429s.
The different rate limits for different resources are listed below.
If an api user has not created an api session, then all requests (including authentication requests) are limited to 10 per minute.
Once a user has logged in, higher rates are allowed.
Rates requests are limited to 200 per minute
For all other resources, requests are limited to 500 per minute
HTTP Headers and Response Codes
Each response has HTTP headers that provide data on where your application is at for a given rate limit.
X-Rate-Limit-Limit:the rate limit ceiling for that given request
X-Rate-Limit-Remaining:the number of requests left for the 1 minute window
X-Rate-Limit-Reset:the remaining window before the rate limit resets
When the rate limit is applied the API will return status code HTTP 429 “Too Many Requests”. In which case you should wait 60 secounds before retrying.
If you have different requirements, please contact our solutions team so we can better address your needs.