client_id) per minute to ensure fair usage and protect service availability.
Limits by HTTP method
| Method | Limit | Applies to |
|---|---|---|
GET | 1,000 req/min | All /v1/* endpoints |
POST | 200 req/min | All /v1/* endpoints |
PATCH | 200 req/min | All /v1/* endpoints |
DELETE | 100 req/min | All /v1/* endpoints |
| Endpoint | Limit |
|---|---|
POST /oauth/token | 20 req/min per IP |
POST /oauth/revoke | 20 req/min per IP |
GET /oauth/authorize | 20 req/min per IP |
POST /v1/auth/register-app | 10 req/hour per IP |
POST /v1/auth/rotate-app | 10 req/hour per IP |
Rate limit headers
Every response includes headers showing your current usage:| Header | Description |
|---|---|
X-RateLimit-Limit | Total limit for the current window. |
X-RateLimit-Remaining | Requests remaining in the window. |
X-RateLimit-Reset | Unix timestamp when the window resets. |
When the limit is exceeded
429: