Back to Home

Rate Limits

Understand the rate limits applied to API requests to ensure fair usage.

Default Limits

Rate limits are applied per API key. The default limits depend on your key type:

Admin Keys

Per minute60 requests
Per day10,000 requests

Shop Keys

Per minute30 requests
Per day5,000 requests

Custom rate limits can be configured when creating an API key in the management portal.

Rate Limit Headers

Every API response includes headers showing your current rate limit status:

X-RateLimit-LimitMaximum requests allowed in the current windowe.g., 60
X-RateLimit-RemainingRequests remaining in the current windowe.g., 45
X-RateLimit-ResetUnix timestamp when the rate limit resetse.g., 1707220800

Handling Rate Limits

When you exceed the rate limit, you'll receive a 429 Too Many Requests response:

{
  "success": false,
  "error": {
    "code": "RATE_LIMITED",
    "message": "Rate limit exceeded. Try again in 45 seconds.",
    "retryAfter": 45
  }
}

Best Practices

  • Monitor the X-RateLimit-Remaining header to avoid hitting limits
  • Implement exponential backoff when receiving 429 responses
  • Cache responses where appropriate to reduce API calls
  • Batch operations when possible instead of making many small requests

Need Higher Limits?

If you need higher rate limits for your integration, contact us to discuss custom limits for your use case.

api@thevirtualmall.co.uk