Rate Limit for Partner
About the policy
The Remote API limits the number of authenticated requests to 250 requests per minute for each CLIENT ID. Requests exceeding this limit are not processed and return an error as described in the sections below.
How it works?
In a one-minute time window, the Remote API can processes up to 250 requests regardless of the token. This means the control is based on the CLIENT ID not the token. Therefore, the count of the requests authenticated with tokens belonging to a same CLIENT ID
cannot exceed 250.
The one-minute time window starts counting from the first request. After one minute (60 seconds), the counter is reset and a new time window will start when a new request reaches the Remote API server. Requests to issue an access token are counted as regular requests.
HTTP Headers
The following three headers are always present in authenticated requests, regardless of whether it's successful.
x-ratelimit-count
: the number of requests performed within the rate limit period. This counter resets every timex-ratelimit-reset
reaches0
.x-ratelimit-remaining
: the number of requests you can make before you have to wait for rate limit period to reset. This counter decrements to0
, and resets afterx-ratelimit-reset
reaches0
.x-ratelimit-reset
: the number of milliseconds before your remaining number of requests (x-ratelimit-remaining
) resets to the maximum limit and the number of requests you've made within the current rate limit period (x-ratelimit-count
) resets back to0
.
Example of a successful response, containing the rate limit headers
curl -I --location --request GET \
--header "Authorization: Bearer eyJraWQiOiJqdjR1QzJtW..." \
--header "Content-Type: application/json" \
https://gateway.remote.com/v1/countries
HTTP/2 200
Content-Type: application/json; charset=utf-8
x-ratelimit-count: 5
x-ratelimit-remaining: 245
x-ratelimit-reset: 12043
...
Example of a response when rate limit is exceeded
curl -I --location --request GET \
--header "Authorization: Bearer eyJraWQiOiJqdjR1QzJtW..." \
--header "Content-Type: application/json" \
https://gateway.remote.com/v1/countries
HTTP/2 429
Content-Type: application/json; charset=utf-8
x-ratelimit-count: 256
x-ratelimit-remaining: 0
x-ratelimit-reset: 12043
...
Response for exceeded requests
The Remote API responds when a request exceeds the limit with a 429 HTTP Status (Too Many Requests) and an informative message, such as:
curl -I --location --request GET \
--header "Authorization: Bearer eyJraWQiOiJqdjR1QzJtW..." \
--header "Content-Type: application/json" \
https://gateway.remote.com/v1/countries
HTTP/2 429
Content-Type: application/json; charset=utf-8
...
{"message": "Customer rate-limit exceeded"}
If you want to provide feedback on the rate limit, please send a message to [email protected].
Updated 29 days ago