Rate Limits
The Pipeback API implements rate limiting to ensure fair usage and maintain service quality for all users.
Rate Limit Details
All API requests are limited to 60 requests per minute. The rate limit is applied per:
- Authenticated requests: Limited by user ID (from your API token)
- Unauthenticated requests: Limited by IP address
Rate limiting is disabled in local development environments to facilitate testing and development.
Rate Limit Headers
To help you monitor your application's usage and avoid hitting rate limits, we include the following HTTP headers in all API responses:
- Name
X-Ratelimit-Limit- Type
- integer
- Description
The maximum number of API calls allowed per minute (currently 60)
- Name
X-Ratelimit-Remaining- Type
- integer
- Description
The number of API calls remaining in the current 60-second window
Example Response Headers
HTTP/1.1 200 OK
X-Ratelimit-Limit: 60
X-Ratelimit-Remaining: 45
Content-Type: application/json
Handling Rate Limits
If you exceed the rate limit, the API will return a 429 Too Many Requests response:
429 Response
{
"message": "Too Many Requests"
}
Best Practices
- Name
Monitor headers- Description
Check
X-Ratelimit-Remainingheader to track your usage
- Name
Implement backoff- Description
When you receive a 429 response, wait before retrying
- Name
Cache responses- Description
Store frequently accessed data locally to reduce API calls
- Name
Batch requests- Description
Group multiple operations when possible to minimize request count
- Name
Distribute load- Description
Spread API calls throughout the minute rather than bursting all at once
Rate Limit Strategy
The rate limit resets on a rolling window basis:
- Each request starts a new 60-second window
- After 60 seconds from any request, that request's "slot" becomes available again
- This allows for consistent throughput rather than burst-then-wait patterns
Example: If you make 60 requests at 12:00:00, you can make another request at 12:01:00 when the first request's window expires.