Rate Limits
API usage limits and best practices
Overview
The QODRYX API uses rate limiting to ensure fair usage and maintain system stability. Rate limits are applied per API key and vary based on your plan.
Rate Limits by Plan
| Plan | Requests/minute | Requests/day | Burst |
|---|---|---|---|
| Free | 60 | 1,000 | 10 |
| Pro | 300 | 50,000 | 50 |
| Team | 600 | 200,000 | 100 |
| Enterprise | Custom | Unlimited | Custom |
Endpoint-Specific Limits
Some endpoints have additional limits:
| Endpoint | Limit | Window |
|---|---|---|
| /workflows | 10 concurrent | Per project |
| /security/scans | 5 concurrent | Per project |
| /deployments | 30/hour | Per project |
| /ai/generate | 100/hour | Per account |
| /tests/generate | 50/hour | Per account |
Rate Limit Headers
Every API response includes headers indicating your current rate limit status:
HTTP/1.1 200 OK
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 287
X-RateLimit-Reset: 1705327200
X-RateLimit-Reset-After: 45| Header | Description |
|---|---|
| X-RateLimit-Limit | Maximum requests per window |
| X-RateLimit-Remaining | Requests remaining in current window |
| X-RateLimit-Reset | Unix timestamp when the window resets |
| X-RateLimit-Reset-After | Seconds until the window resets |
Rate Limit Exceeded Response
When you exceed the rate limit, you'll receive a 429 Too Many Requests response:
HTTP/1.1 429 Too Many Requests
Retry-After: 45
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1705327200
{
"error": {
"code": "rate_limit_exceeded",
"message": "Rate limit exceeded. Please retry after 45 seconds.",
"retry_after": 45
}
}Handling Rate Limits
Exponential Backoff
Implement exponential backoff when you receive a 429 response:
// JavaScript example
async function fetchWithRetry(url, options, maxRetries = 3) {
for (let attempt = 0; attempt < maxRetries; attempt++) {
const response = await fetch(url, options);
if (response.status === 429) {
const retryAfter = response.headers.get('Retry-After') ||
Math.pow(2, attempt) * 1000;
console.log(`Rate limited. Retrying after ${retryAfter}ms`);
await sleep(parseInt(retryAfter) * 1000);
continue;
}
return response;
}
throw new Error('Max retries exceeded');
}
function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
}Python Example
import time
import requests
def fetch_with_retry(url, headers, max_retries=3):
for attempt in range(max_retries):
response = requests.get(url, headers=headers)
if response.status_code == 429:
retry_after = int(response.headers.get('Retry-After', 2 ** attempt))
print(f"Rate limited. Retrying after {retry_after}s")
time.sleep(retry_after)
continue
return response
raise Exception('Max retries exceeded')Using the SDK
QODRYX SDKs handle rate limiting automatically:
// JavaScript SDK - automatic retry is built-in
const client = new Qodryx({
apiKey: process.env.QODRYX_API_KEY,
retryConfig: {
maxRetries: 3,
retryOnRateLimit: true,
}
});
// Just make your calls - retries happen automatically
const projects = await client.projects.list();Best Practices
Recommendations
- Cache responses when possible to reduce API calls
- Use webhooks instead of polling for real-time updates
- Implement exponential backoff for retries
- Monitor your rate limit headers to avoid hitting limits
- Batch operations when possible (e.g., bulk project updates)
- Use pagination efficiently — request only what you need
Monitoring Usage
Track your API usage in the dashboard:
Usage Dashboard
View real-time API usage graphs in Settings → API → Usage
Usage Alerts
Set up alerts when approaching rate limits
Requesting Higher Limits
If you need higher rate limits:
- Upgrade your plan: Higher tiers include increased limits
- Contact support: For temporary increases during launches or migrations
- Enterprise plan: Custom limits based on your needs
Need Higher Limits?
Contact us at enterprise@qodryx.com to discuss custom rate limits for your use case.