Rate Limiting

Rate Limit Exceeded (RATE_LIMIT_EXCEEDED)

The request was rejected because the client exceeded the configured rate limit.

Response format

The 429 response uses the Problem Details format:


Code
{
  "type": "https://httpproblems.com/http-status/429",
  "title": "Too Many Requests",
  "status": 429,
  "detail": "Rate limit exceeded",
  "instance": "/your-route",
  "trace": {
    "requestId": "4d54e4ee-c003-4d75-aba9-e09a6d707b08",
    "timestamp": "2026-04-14T12:00:00.000Z",
    "buildId": "ec44e831-3a02-467e-a26c-7e401e4473bf"
  }
}

If headerMode is set to "retry-after" (the default), the response includes a Retry-After header with the number of seconds to wait before retrying.

Common Causes

Too many requests — The client sent more requests than the rate limit policy allows within the configured time window.
Shared rate limit — Multiple clients or API keys share a rate limit pool that has been exhausted.
Burst traffic — A sudden spike in requests exceeded the allowed burst capacity.

How to Fix

Check the Retry-After header — The response typically includes a Retry-After header indicating how long to wait before sending another request.
Implement backoff — Add exponential backoff and retry logic to the client.
Request a higher limit — If the current rate limit is too restrictive, contact the API provider about upgrading the plan or adjusting limits.

For API Operators

Review the rate limiting policy configuration in the route settings. Check the requestsAllowed and timeWindowMinutes values and verify that the rateLimitBy identifier is resolving correctly.
Consider using dynamic rate limiting to set different limits per customer tier.
Use your logging integration to filter for 429 responses and identify which consumers are being throttled. Break down by user or IP to spot noisy neighbors.

Edit this page

Last modified on April 14, 2026

Monitoring & Troubleshooting Introduction

Response format

The 429 response uses the Problem Details format:

Code

{
  "type": "https://httpproblems.com/http-status/429",
  "title": "Too Many Requests",
  "status": 429,
  "detail": "Rate limit exceeded",
  "instance": "/your-route",
  "trace": {
    "requestId": "4d54e4ee-c003-4d75-aba9-e09a6d707b08",
    "timestamp": "2026-04-14T12:00:00.000Z",
    "buildId": "ec44e831-3a02-467e-a26c-7e401e4473bf"
  }
}

If headerMode is set to "retry-after" (the default), the response includes a Retry-After header with the number of seconds to wait before retrying.

Common Causes

Too many requests — The client sent more requests than the rate limit policy allows within the configured time window.

Shared rate limit — Multiple clients or API keys share a rate limit pool that has been exhausted.

Burst traffic — A sudden spike in requests exceeded the allowed burst capacity.

How to Fix

Check the Retry-After header — The response typically includes a Retry-After header indicating how long to wait before sending another request.

Implement backoff — Add exponential backoff and retry logic to the client.

Request a higher limit — If the current rate limit is too restrictive, contact the API provider about upgrading the plan or adjusting limits.

For API Operators

Review the rate limiting policy configuration in the route settings. Check the requestsAllowed and timeWindowMinutes values and verify that the rateLimitBy identifier is resolving correctly.

Consider using dynamic rate limiting to set different limits per customer tier.

Use your logging integration to filter for 429 responses and identify which consumers are being throttled. Break down by user or IP to spot noisy neighbors.

Edit this page

Last modified on April 14, 2026