Rate Limit Policy
About the policy
The Remote API limits the number of authenticated requests to 20 requests per minute. Requests exceeding this limit are not processed and return an error as described in the sections below.
How it works?
In a one-minute time window, the Remote API can processes up to 20 requests per company. This means the control is based on the company not the token. Therefore, the count of the requests authenticated with tokens belonging to a same company cannot exceed 20.
The one-minute time window starts counting from the first request. After one minute (60 seconds), the counter is reset and a new time window will start when a new request reaches the Remote API server.
HTTP Headers
The following three headers are always present in authenticated requests, regardless of whether it's successful.
x-ratelimit-count
: the number of requests performed within the rate limit period. This counter resets every timex-ratelimit-reset
reaches0
.x-ratelimit-remaining
: the number of requests you can make before you have to wait for rate limit period to reset. This counter decrements to0
, and resets afterx-ratelimit-reset
reaches0
.x-ratelimit-reset
: the number of milliseconds before your remaining number of requests (x-ratelimit-remaining
) resets to the maximum limit and the number of requests you've made within the current rate limit period (x-ratelimit-count
) resets back to0
.
Example of a successful response, containing the rate limit headers
curl -I --location --request GET \
--header "Authorization: Bearer ra_live_e32d..." \
--header "Content-Type: application/json" \
https://gateway.remote.com/v1/countries
HTTP/2 200
Content-Type: application/json; charset=utf-8
x-ratelimit-count: 5
x-ratelimit-remaining: 15
x-ratelimit-reset: 12043
...
Example of a response when rate limit is exceeded
curl -I --location --request GET \
--header "Authorization: Bearer ra_live_e32d..." \
--header "Content-Type: application/json" \
https://gateway.remote.com/v1/countries
HTTP/2 429
Content-Type: application/json; charset=utf-8
x-ratelimit-count: 21
x-ratelimit-remaining: 0
x-ratelimit-reset: 12043
...
Response for exceeded requests
The Remote API responds when a request exceeds the limit with a 429 HTTP Status (Too Many Requests) and an informative message, such as:
curl -I --location --request GET \
--header "Authorization: Bearer ra_live_e32d..." \
--header "Content-Type: application/json" \
https://gateway.remote.com/v1/countries
HTTP/2 429
Content-Type: application/json; charset=utf-8
...
{"message": "Customer rate-limit exceeded"}
If you want to provide feedback on the rate limit, please send a message to [email protected].
Updated 15 days ago