Rate Limiting
Overview
To provide a reliable and consistent experience for all users, we have implemented rate limiting on the /oauth/token endpoint. This means there are limits on how many authentication requests can be made within a specific timeframe.
OAuth Token Endpoint
/oauth/token Rate Limits
/oauth/token Rate Limits- Rate Limit: 180 requests per minute per
clientIdanduserId
Error Response
If this limit is exceeded, the API will return an error with the message:
{
"errorCode": "AUTHENTICATION FAILED",
"message": "Too many requests, please try again after [X] seconds."
}General API Rate Limits
The following rate limits are applied based on the environment. The "burst" limit is intentionally set higher to handle legitimate spikes in traffic without impacting your service.
Sandbox Environment
Authenticated Traffic (per Member ID)
| Path Pattern | Rate Limit | Burst Limit |
|---|---|---|
/api/v1/ paths | 100 requests per minute | 200 |
/eagle-eye paths | 50 requests per minute | 100 |
Unauthenticated Traffic (per IP Address)
| Path Pattern | Rate Limit | Burst Limit |
|---|---|---|
| All paths | 100 requests per minute | 200 |
Production Environment
Authenticated Traffic (per Member ID)
| Path Pattern | Rate Limit | Burst Limit |
|---|---|---|
/api/v1/ paths | 500 requests per minute | 1,000 |
/eagle-eye paths | 100 requests per minute | 200 |
Unauthenticated Traffic (per IP Address)
| Path Pattern | Rate Limit | Burst Limit |
|---|---|---|
| All paths | 150 requests per minute | 300 |
Updated 8 months ago