Rate limiting practices

In order to protect you and our other customers, we employ rate limiting across our APIs. You can make up to 10,000 requests every five minutes per user as determined by IP address. Learn about rate limiting.

Rolling window

The five-minute window for rate limiting is a rolling window. So if you receive an error for exceeding the request limit, you don't have to wait for five minutes from the time the error was triggered; instead, you only need to wait until that five-minute window is over. For example, if you send 7,500 requests within three minutes and you receive an error, you only need to wait two more minutes before retrying.

Exceeding the limit

If your IP address exceeds this limit—until the five-minute window has elapsed—we respond to requests by:

  • sending an HTTP 429 status code response (learn about HTTP 429 status), and
  • adding an X-RateLimit-Limit HTTP response header with the current limit (7,500).


This limit should be sufficient for any nominal operation, but it may cause issues during backloads. We expect you to throttle your API requests to stay within this limit. If this isn't possible, submit a ticket via our Help Desk to examine alternative options.