Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Current »

The Platform has implemented a rate-limiting system to improve overall platform resiliency and manage velocity for more consistent platform performance. Rate Limits can be tested on the Sandbox server using specific triggers to receive an example of what exceeding the rate limits looks like.

Rate Limits

All API and Portal request types are subject to rate-limiting. See current Rate Limits for Sandbox and Production server requests:

Rate Limit

1000 requests in 10 seconds

Temporary Block Period

10 seconds

Rate limits are relative to the endpoint or Portal resource where the rate limit was exceeded and do not prohibit requests from being made to other endpoints or Portal resources.

For example, if a violation occurs from a Merchant using the Create Payment page (or /txns API endpoint), it will not prohibit communication on the Users page (or /logins API endpoint) during the 10-second violation block period.

Note: All HTTP Methods are subject to Rate Limiting.

Exceeding Rate Limits

Requests that exceed the designated rate limit will:

  • Be blocked from making additional requests for 10 seconds.

  • Receive a 429 HTTP status code explaining the rate limit was exceeded.

  • Receive an internal Code 64 error response message.

    • Example: If the violation occurs on requests to the /txns endpoint, it will not prohibit communication on the /merchants endpoint during the 10-second violation period.


Rate Limit Exceeded example:

{
    "errors": [
        {
            "code": 64,
            "severity": 2,
            "msg": "Rate of requests exceeded - Temporary block implemented",
            "errorCode": "C_RATE_LIMIT_EXCEEDED_TEMP_BLOCK"
        }
    ]
}

Testing Rate Limits

To better understand the expected response from exceeding the rate limit, we’ve created an easy-to-use method to trigger the 'Rate Limit Exceeded' response in any hosted Payrix environment.

rate-limit-test: match

Any request that contains the rate-limit-test header (with the match value) will be counted towards the rate limit criteria below.

See the example of calling the /txns endpoint from the API to trigger the “Rate Limit Test”.

Example:

[HTTP METHOD] /txns                 
Host: https//test-api.payrix.com    
rate-limit-test: match              ## Required Header  for Rate Limit Test.
Accept: application/json, text/plain, */* 
Content-Type: application/json      

Rate Limit testing details

See below the current rate limit for “Rate Limit Test” requests:

  • Rate Limit: 10 requests in 10 seconds.

  • Temporary Block period: 10 seconds.

What’s being blocked by triggering the test rate limit?

  • Source IP Address - The IP address of the entity that has exceeded the rate limit.

  • Path/Endpoint - The Payrix endpoint / URL path is blocked from receiving requests

  • Host - The Payrix server

 For more information, please contact your Relationship Manager or Partner Support.

  • No labels