Rate Limits
Endpoints are grouped into tiers. All endpoints in the same tier share a single per-user bucket.
| Tier | Limit | Endpoints |
|---|---|---|
| Standard | 300 req / min | Read endpoints (list users, audit logs, API keys, parse status) |
| Write | 60 req / min | Mutations (disable/enable user, revoke API key) |
| Heavy | 30 req / min | Resource-intensive (file upload, submit parse) |
| Search | 60 req / min | Search endpoints (codes search) |
Every successful response includes rate-limit headers:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests allowed per window |
X-RateLimit-Remaining | Approximate remaining requests |
X-RateLimit-Reset | Unix timestamp (seconds) when the quota resets |
When a limit is exceeded the API returns 429 Too Many Requests with a Retry-After header (seconds). Clients that sleep for this duration will be paced at a steady rate.