Skip to main content
OpenQuota rate-limits every public API request by API key, using a fixed-window counter per minute. Each key has its own limit — default 1000 requests/minute. Admins can raise or lower it per key.

Response headers

Every /v1 response (including errors) carries rate-limit headers:
HeaderMeaning
X-RateLimit-LimitThis key’s per-minute limit.
X-RateLimit-RemainingRequests remaining in the current window. 0 means you’re about to get throttled.
X-RateLimit-ResetUnix epoch second when the current window resets.
Use these to pace bulk backfills — don’t just fire and retry.

When you exceed

Requests over the limit return 429 Too Many Requests: 
{
  "error": "rate_limited",
  "retry_after_seconds": 37
}
The Retry-After HTTP header carries the same value. Back off for that many seconds, then resume. Do not retry faster — fixed-window counters don’t roll over early.

Tips for high-volume callers

  • Batch where you can. The deal event endpoint is fine to call once per change, but if you’re backfilling historical deals, rate-limit your poller so you spread inserts across multiple windows.
  • Deduplicate via dedup_key. Retries with the same dedup_key are free (they don’t double-count state), so you don’t need additional application-level throttling around retries.
  • Ask for a higher limit. If you’re reliably under 1000/min but need burst headroom, contact OpenQuota support to raise the key’s limit.

Current implementation caveat

The limiter is currently in-process, not global — each API replica maintains its own counter. In practice we run a small number of replicas so the effective ceiling is close to limit × replica_count. A future revision will consolidate to a shared store; callers should build against the documented per-key limit, not the accidental headroom.