Every request passes three rate-limit checks: the per-IP global cap, the per-key counter, and the per-tier aggregate. The first one to deplete returns a 429 with explanatory headers naming the layer that rejected.
300 requests / minute / IP addressApplied before key validation so brute-force key enumeration is bounded. Shared across all keys behind the same IP. The default is set globally and is not user-configurable.
Account-default (typically 100 / min) / keyEach generated key carries its own counter. Lower-volume keys can be rotated quickly without affecting your higher-volume integration's headroom.
Tier-dependentOn top of the per-key counter, your account's deposit tier (Standard / Reseller / Agency) sets a higher ceiling on aggregate requests across all keys. This is what unlocks higher throughput as you scale.
| Header | Description |
|---|---|
| X-RateLimit-Limit | Total requests allowed by the most restrictive matching limit. |
| X-RateLimit-Remaining | Requests remaining in the current window for the matched limit. |
| X-RateLimit-Reset | Unix timestamp (seconds) when the current window resets. |
| X-RateLimit-Tier-Remaining | Requests remaining in your account-tier window. Returned alongside the per-key limit so SDKs can show which limit is closest to depletion. |
| X-RateLimit-DeniedBy | Sent only on 429 responses. Names the layer that rejected the call: "key", "tier", or "ip". |
ip, spreading load across more keys won't help — you've hit the IP cap. If it's key, distributing across keys does help.orders parameter (up to 100 IDs per call). One batch call counts as one rate-limit unit.