Rate Limiting

Owned by Miles Graves
Last updated: Aug 25, 2023
2 min read

The Platform has implemented a rate-limiting system to improve overall platform resiliency and manage velocity for more consistent platform performance. Rate Limits can be tested on the Sandbox server using specific triggers to receive an example of what exceeding the rate limits looks like.

Rate Limits

All API and Portal request types are subject to rate-limiting. See current Rate Limits for Sandbox and Production server requests:

Rate Limit

1000 requests in 10 seconds

Rate Limit

1000 requests in 10 seconds

Temporary Block Period

10 seconds

Rate limits are relative to the endpoint or Portal resource where the rate limit was exceeded and do not prohibit requests from being made to other endpoints or Portal resources.

For example, if a violation occurs from a Merchant using the Create Payment page (or /txns API endpoint), it will not prohibit communication on the Users page (or /logins API endpoint) during the 10-second violation block period.

Note: All HTTP Methods (GET, PUT, POST, DELETE) are subject to Rate Limiting.

Exceeding Rate Limits

Requests that exceed the designated rate limit will:

  • Be blocked from making additional requests for 10 seconds.

  • Receive a 429 HTTP status code explaining the rate limit was exceeded.

  • Receive an internal Code 64 error response message.

Rate Limit Exceeded example:

{     "errors": [         {             "code": 64,             "severity": 2,             "msg": "Rate of requests exceeded - Temporary block implemented",             "errorCode": "C_RATE_LIMIT_EXCEEDED_TEMP_BLOCK"         }     ] }

For more information on Platform Rate Limits, please contact your Relationship Manager or Partner Support.

Testing Rate Limits

To better understand the expected response from exceeding the rate limit, we’ve created an easy-to-use method to trigger the 'Rate Limit Exceeded' response in any hosted Payrix environment.

rate-limit-test: match

Any request that contains the rate-limit-test header (with the match value) will be counted towards the rate limit criteria below.

See the example of calling the /txns endpoint from the API to trigger the “Rate Limit Test”.

Example:

[HTTP METHOD] /txns Host: https//test-api.payrix.com rate-limit-test: match ## Required Header for Rate Limit Test. Accept: application/json, text/plain, */* Content-Type: application/json