API Rate Limits | ApexVerify Documentation

To ensure platform stability, fair usage, and optimal performance across all tenants, the ApexVerify API enforces rate limits on your requests. Our infrastructure implements a token bucket algorithm for precise allocation.

Maximum Throughput

All API consumers are bounded by a standard limit of 180 requests per minute.

Rate Limit Headers

Every successful or failed API response includes HTTP headers to help your application programmatically track its current rate limit status and consumption.

HTTP Header	Description
`X-RateLimit-Limit`	The total number of requests permitted within the allocated time window.
`X-RateLimit-Remaining`	The number of requests remaining in the current window before limits are enforced.
`X-RateLimit-Used`	The number of requests already consumed in the current window.

Handling Rate Exceeded Errors

If your integration attempts to make requests exceeding the limit, the API will refuse the connection and respond with a 429 Too Many Requests HTTP status code.

To facilitate exponential backoff strategies, the response will also include a Retry-After header. This header specifies the number of seconds your application must pause before resuming requests.

1 HTTP/1.1 429 Too Many Requests
2 Retry-After: 44
3 X-RateLimit-Limit: 180
4 X-RateLimit-Used: 180
5 X-RateLimit-Remaining: 0
6 Content-Type: application/json
7 
8 {
9   "message": "Too Many Requests"
10 }