Rate Limits
Understand API rate limits and how to handle them in your integrations.
Rate Limit Tiers
Anonymous
Free
Pro
Enterprise
Rate Limit Headers
Every API response includes headers to help you track your rate limit usage.
X-RateLimit-LimitMaximum requests allowed in the current window
Example: 60
X-RateLimit-RemainingRequests remaining in the current window
Example: 45
X-RateLimit-ResetUnix timestamp when the rate limit resets
Example: 1705312800
Retry-AfterSeconds to wait before retrying (only on 429 responses)
Example: 30
Handling Rate Limits
429 Too Many Requests
When you exceed the rate limit, you'll receive a 429 response.
{
"success": false,
"error": {
"code": "RATE_LIMIT_EXCEEDED",
"message": "Too many requests. Please try again later.",
"retryAfter": 30
}
}Best Practices
Implement Exponential Backoff
When you receive a 429, wait the specified time before retrying. Double the wait time for each consecutive failure.
Monitor Rate Limit Headers
Check X-RateLimit-Remaining before making requests to avoid hitting the limit.
Cache Responses
Cache server data locally to reduce API calls. Server information doesn't change frequently.
Use Webhooks for Scans
Instead of polling for scan results, use webhooks to receive notifications when scans complete.
Example: Retry Logic
async function fetchWithRetry(url, options, maxRetries = 3) {
for (let i = 0; i < maxRetries; i++) {
const response = await fetch(url, options);
if (response.status === 429) {
const retryAfter = response.headers.get('Retry-After') || 30;
const waitTime = parseInt(retryAfter) * 1000 * Math.pow(2, i);
console.log(`Rate limited. Waiting ${waitTime}ms...`);
await new Promise(resolve => setTimeout(resolve, waitTime));
continue;
}
return response;
}
throw new Error('Max retries exceeded');
}Need Higher Limits?
Upgrade to a Pro or Enterprise plan for increased rate limits, priority scanning, and advanced features.
View Pricing