Rate limits
Per-minute and monthly quotas per API key.
Each API key has two rate-limit windows: a per-minute burst cap and a calendar-month total. Exceeding either returns 429 rate_limit.exceeded with a Retry-After header indicating when the window opens again. See the errors reference for the response envelope.
Tiers
| Tier | Monthly | Per minute | Active keys | Price |
|---|---|---|---|---|
| Sandbox | 500 | 10 | 1 | Free |
| Builder | 10,000 | 60 | 3 | $19/mo |
| Production | 100,000 | 200 | 10 | $79/mo |
| Enterprise | Unlimited | Unlimited | Unlimited | Custom |
Headers
Every response carries the counters for the active window:
X-RateLimit-Limit: 10000
X-RateLimit-Remaining: 8470
X-RateLimit-Reset: 1711756800X-RateLimit-Reset is a Unix timestamp indicating when the window opens. On a 429, the response also includes Retry-After in seconds. When the per-minute window is the one that was breached, the reported X-RateLimit-Limit reflects the per-minute cap rather than the monthly cap.
Staying under quota
Cache responses where data freshness allows. Permits and enforcement records change on the order of hours, not seconds, so caching across requests is usually safe.
Use list endpoints with filters to pull many records per request instead of iterating key-by-key.
On 429, wait for the Retry-After interval rather than retrying tight. Retries inside the window still count against the per-minute bucket.