Rate limits
There are two layers: a per-minute burst limit and a per-day quota tied to your tier.
Per-minute burst (always on)
Keyed by token (if present) or client IP.
| Caller | Burst limit |
|---|---|
| Anonymous (per IP) | 120 / min |
| Keyed (per token) | 600 / min |
Response when exceeded:
HTTP/1.1 429 Too Many Requests
Retry-After: 23
{ "error": { "code": "rate_limited", "message": "Too many requests. Retry after 23 seconds." } }
Sleep at least Retry-After seconds before retrying.
Per-day quota (tier-based)
Counted per key (or per IP for anonymous), resets at UTC midnight.
| Tier | Daily quota |
|---|---|
| free | 5 / day |
| pro | 500 / day |
| dev | 1,000 / day |
Response when exceeded:
HTTP/1.1 429 Too Many Requests
{ "error": { "code": "daily_limit_exceeded", "message": "Daily request limit of 500 reached for your API key." } }
What does and does not count
/healthdoes not count against either limit.- Cached responses (the soft 60s aggregate cache) still count.
- A
401or429response counts against the burst limit but not the daily quota.
Tracking your usage
Logged-in users see today's count, last-7-days count, and the daily cap for every active key on the account page.