# Rate Limits

To ensure fair usage and platform stability, all API key-based requests are subject to rate limiting.

## Limits

| Scope | Limit |
|  --- | --- |
| Per API Key | **25 requests / minute** |


Rate limits apply only to requests authenticated with the `x-auth-api-key` header. Requests authenticated exclusively with a Bearer token are **not** subject to rate limiting.

## Exceeded Limit Response

When the rate limit is exceeded, the API returns:

```http
HTTP/1.1 429 Too Many Requests
```

```json
{
  "exception": "ThrottlerException",
  "code": 429,
  "metadata": {}
}
```

## Handling Rate Limits

- **Monitor the headers** — check `x-ratelimit-remaining-api_key_limit` before each request to know how close you are to the limit.
- **Back off on 429** — if you receive a `429` response, wait until the window resets before retrying. Use the `x-ratelimit-reset-api_key_limit` header to determine how long to wait.
- **Spread your requests** — avoid sending bursts of requests. Distributing them evenly over time reduces the chance of hitting the limit.