Rate limits apply to all API endpoints.
Per IP address
Rate limiting of the API is primarily on a per-user basis - or more accurately described, per its IP address. If an API allows for 500 requests per rate limit window, then it allows 500 requests per window per IP address.
10 Second Windows
Rate limits are divided into 10 second intervals. This limit is valid for both, authenticated and unauthenticated calls.
HTTP Headers and Response Codes
Use the HTTP headers in order to understand where the application is at for a given rate limit.
X-Rate-Limit-Limit- the rate limit ceiling for your IP address.X-Rate-Limit-Remaining- the number of requests left for the time window.X-Rate-Limit-Reset- the remaining window before the rate limit resets, in seconds.
When an application exceeds the rate limit, the API will return a HTTP 429 “Too Many Requests” response code, and the following error will be returned in the response body:
{
"error": "Rate limit exceeded. Please retry in 10 seconds."
}
Sample response
HTTP/1.1 429 Too Many Requests
Cache-Control: no-cache
Content-Type: application/json
Retry-After: 10
Transfer-Encoding: chunked
X-Rate-Limit-Limit: 500
X-Rate-Limit-Remaining: 0
X-Rate-Limit-Reset: 10
X-Request-Id: c805a564-1ce2-4803-bd74-e91002b0c56a
X-Runtime: 0.002531
{
"error": "Rate limit exceeded. Please retry in 10 seconds."
}
Tips to avoid being Rate Limited
The tips below are there to help you code defensively and reduce the possibility of being rate limited. Some application features that you may want to provide are simply impossible in light of rate limiting, especially around the freshness of results.
Caching
Store API responses in your application or on your site if you expect a lot of use. For example, don’t try to call the API on every page load of your website. Instead, call the API infrequently and load the response into a local cache. When users hit your website load the cached version of the results.
Prioritize active resources
If your site keeps track of many resources (for example, fetching their current status), consider only requesting data for recently active resources.
Adapt to the search results
If your application monitors a high volume of search terms, query less often for searches that have no results than for those that do. By using a back-off you can keep up to date on queries that are popular but not waste cycles requesting queries that very rarely change. Consider using filters, sorting and pages for your API calls.
Blacklisting
If an application abuses the rate limits, it will be blacklisted. Blacklisted apps are unable to get a response from the API. If you or your application has been blacklisted and you think there has been a mistake, you can contact our support team to request assistance. Please include the following information:
- response from the computer which you believe to be blacklisted;
- explanation why you think your application was blacklisted;
- description in detail how you have fixed the problem that you think caused you to be blacklisted.