Rate Limits

The API enforces rate limits to ensure fair usage and protect service stability.

Limits

The default limit is 100 requests per minute per API key. If you exceed this limit the API responds with a 429 Too Many Requests status code. The limit resets on a rolling one-minute window.

Response Headers

Every API response includes the following headers so you can monitor your current usage:

X-RateLimit-LimitThe maximum number of requests allowed per minute for your key.

X-RateLimit-RemainingThe number of requests remaining in the current window.

X-RateLimit-ResetThe UTC epoch timestamp (in seconds) at which the current window resets and your limit is restored.

Handling Rate Limits

When you receive a 429 response, wait until the time indicated by X-RateLimit-Reset before retrying. We recommend implementing exponential backoff with jitter for robust integrations. The response body will look like this:

429 Response

{
  "error": {
    "code": "rate_limit_exceeded",
    "message": "Too many requests. Please slow down and retry after the reset time."
  }
}

Authentication Programs