Guides
AppLB Platform
Start typing to search…
  1. Getting Started

Rate Limiting

To protect the platform and ensure fair usage across clients, all API requests are subject to rate limiting. When a client exceeds the allowed request quota, further requests are temporarily blocked.

Rate Limit Response Headers

Each API response includes headers that describe the current rate-limit state for the API key.

HeaderDescription
X-RateLimit-LimitThe maximum number of requests allowed per API key within a one-minute rolling window.
X-RateLimit-RemainingThe number of requests remaining in the current rate-limit window.
X-RateLimit-ResetThe number of seconds until the rate-limit window resets and the quota is refreshed.
Retry-AfterThe number of seconds the client must wait before retrying the request. Returned only when the rate limit has been exceeded.

Example Headers When Limit Is Reached

X-RateLimit-Limit: 2
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 46
Retry-After: 46

Interpretation

  • The API key is limited to 2 requests per minute
  • All requests for the current window have been consumed
  • The rate limit will reset in 46 seconds
  • Any additional requests before the reset will be rejected

HTTP 429 – Too Many Requests

When the rate limit is exceeded, the API returns:

HTTP/1.1 429 Too Many Requests

Response Characteristics

  • The request is not processed
  • No business logic is executed
  • The response includes a Retry-After header indicating when it is safe to retry

Client Retry Guidelines

Clients are expected to implement responsible retry behavior.

Required Behavior

  • Do not retry immediately after receiving a 429 response
  • Respect the Retry-After header value
  • Resume requests only after the specified delay

Recommended Best Practices

  • Implement automatic retry with backoff
  • Pause requests until X-RateLimit-Reset reaches 0
  • Avoid parallel retries using the same API key

Example Retry Logic (Pseudo-Flow)

  1. Send request

  2. If response is 200–299 → continue

  3. If response is 429:

    • Read Retry-After
    • Sleep for the specified duration
    • Retry the request

Notes

  • Rate limits are enforced per API key
  • Limits apply across all endpoints unless otherwise specified

Updated 16 days ago