Home / API Reference / API Rate Limiting

API Rate Limiting

100 requests per 60 seconds per key

What it is

The API enforces rate limits to prevent abuse. By default, each API key is limited to 100 requests per 60-second window per endpoint.

How it works

Rate limiting uses the rate_limits table. The identifier is api_key_{id} when authenticated, or ip_{ip} when not. The endpoint path (e.g. clients) is tracked for granular limits.

When exceeded

You receive 429 Too Many Requests with:

{
  "success": false,
  "error": {
    "message": "Rate limit exceeded",
    "code": "RATE_LIMIT_EXCEEDED"
  }
}

Best practices

  • Implement exponential backoff when you receive 429.
  • Cache responses where possible (e.g. product pricing) to reduce calls.
  • Use pagination (?per_page=50) instead of fetching large lists repeatedly.

Was this helpful?

Tags: API