Limits

• Authenticated requests: 100 per minute per API key
• Unauthenticated requests: 60 per minute per IP
• MCP requests: Same limits as REST API (MCP calls the REST API internally)

Rate limit headers

API responses include rate limit information in the HTTP headers so you can track your usage.

What happens when you hit the limit

You'll receive a 429 Too Many Requests response. Wait and retry after the rate limit window resets (1 minute).

Subscriber endpoints

Public subscription endpoints have a separate limit: 10 new subscriptions per tenant per minute to prevent abuse.