Rate Limit
API Rate Limiting
To ensure the stability and reliability of our services for all users, our Card Management System API implements rate limiting. This helps protect our systems against sudden bursts of incoming traffic. If you send too many requests in a short period, your requests may be blocked, and you will receive an error response with an HTTP status code of 429 Too Many Requests.
Handle Rate Limited Requests
When you exceed the number of allowed requests for an endpoint, the API will respond with an HTTP status code of 429 Too Many Requests and a JSON body similar to this:
{
"code": "XFC429001",
"message": "Too many requests"
}Your integration should be built to handle these responses gracefully. The recommended approach is to implement a retry mechanism with an exponential backoff schedule.
This involves waiting for a progressively longer period between retries. Adding a small amount of randomness (jitter) to the backoff delay can also help prevent a "thundering herd" effect, where many clients retry at the exact same time.
Rate Limits
The rate limits vary depending on the environment.
Production
Standard Rate Limits
| Card Management System API | Limit (Requests Per Minute) |
|---|---|
| Get Card Transaction List | 500 |
| Get Transaction Detail | 500 (with 2500 burst) |
| All other endpoints (Default) | 1000 |
Special Rate Limits
| Card Management System API | Limit |
|---|---|
| Create Unassigned Card Batch Transfer | 1 request per 30 minutes |
Sandbox (Staging)
Standard Rate Limits
| Card Management System API | Limit (Requests Per Minute) |
|---|---|
| Default for all endpoints | 500 |
Special Rate Limits
| Card Management System API | Limit |
|---|---|
| Create Unassigned Card Batch Transfer | 1 request per 15 minutes |
Requesting a Limit Increase
We understand some applications have unique, high-traffic needs. If you anticipate your integration will require higher limits for a specific operation or event, please reach out to us on slack.
Updated 23 days ago