Rate Limits
Every API key has a rate-limit tier. Limits apply per key, per hour and per day.
Tiers
| Tier | Per hour | Per day |
|---|---|---|
| Free | 100 | 1,000 |
| Standard | 1,000 | 50,000 |
| Premium | 10,000 | 1,000,000 |
| Unlimited | — | — |
The tier is set when the key is created and can be changed from the admin UI.
Response headers
Every API response includes rate-limit headers so you can track your remaining quota:
X-RateLimit-Limit-Hour: 1000
X-RateLimit-Remaining-Hour: 987
X-RateLimit-Limit-Day: 50000
X-RateLimit-Remaining-Day: 49812For unlimited keys you'll see X-RateLimit-Limit: unlimited.
When you hit the limit
You'll get a 429 Too Many Requests response with a Retry-After header (in seconds):
HTTP/1.1 429 Too Many Requests
Retry-After: 3600
Content-Type: application/json
{
"success": false,
"message": "Hourly rate limit exceeded for tier: standard"
}Best practices
- Respect the
Retry-Afterheader — don't hammer the API after a 429 - Cache read-heavy endpoints — products and categories don't change often
- Use webhooks instead of polling — receive order and inventory updates without burning your quota
- Batch where possible — use filter/pagination params to minimize requests
- Use separate keys — isolate integrations so one noisy client doesn't rate-limit the others