Home / Basics / Highnote API
API Rate Limiting
By default, the test environment has 50% of the rate limit of the live environment.
To maintain optimal performance, an API rate limit limits the number of requests a client can make within a specific time frame. The Highnote platform has different rate limit types:
- Request
- Complexity
Rate limiting is based on which type you hit first. Each type has a specific rate limit for each Auth/API type:
| Auth/API Type | Limit | Note |
|---|---|---|
| API key | 200 requests per 10 seconds | Aggregate limit across all API keys assigned to an org |
| Client token | 20 requests per 10 seconds per user/subject | |
| REST API | 200 requests per 10 seconds |
| Auth/API Type | Limit | Note |
|---|---|---|
| API key | 5,000 complexity per 10 seconds | Aggregate limit across all API keys assigned to an org |
| Client token | 5,000 complexity per 10 seconds per user/subject | |
| REST API | N/A |
For more information on calculating request complexity, see Request Complexity.
When an API request is rate limited, Highnote API returns a 429 TOO MANY REQUESTS status code.
If you exceed the API rate limit, the cost field is not returned in your API response. Instead, the Highnote API uses a retryAfter field to show how long to wait before retrying.
The following example represents a response of a rate-limited API request:
- Rate Limited Response Example
Refer to the following best practices to avoid hitting rate limits:
-
Avoid polling: Avoid polling the API for asynchronous updates by registering a webhook target to receive notification events. See Notifications.
-
Use pagination: When querying for listed data, use pagination to limit the number of requested items.
-
Implement exponential backoff: Implement retries with exponential backoff when an API request receives a
429 TOO MANY REQUESTSresponse. For help, see: