Rate limiting of the API is based on client basis (account, oauth application or partner) and apply to any call under this scope. Rate limits are divided into 10 seconds intervals and fall into the following categories:
| Access type | Limit | Interval |
|---|---|---|
| Account tokens | 10 requests | 10 seconds |
| Oauth 2.0 tokens | 50 requests | 10 seconds |
| Partner tokens | 50 requests | 10 seconds |
Clients that exceed the aforementioned rates will cause API to return an HTTP 429 response.
All responses will include the following HTTP Headers which can help you build a proper throttling mechanism:
| Header | Description |
|---|---|
X-Rate-Limit-Limit | The maximum allowed requests |
X-Rate-Limit-Remaining | Remaining requests in the current interval |
X-Rate-Limit-Reset | Timestamp of next interval |
Legacy partners
Third party providers that are still borrowing account tokens to access API can leverage the increased limits for partners by setting the header
X-WORKABLE-CLIENT-IDon their calls.Please contact us to receive the client ID if you haven't received it yet or you build a new solution.