Rate Limiting

Rate limits for the API and how to use them


Rate limits for the SmartBuildings API are currently on a per IP address basis.

In the future we will be having more fine-grained limits. Examples might be per client_credential or per route rate limits.

Reading Your Rate Limit

The response headers of each request made to the API will show the current maximum rate allowed, and the remaining limits.

The rate limit headers indicating maximum limit will be of the form x-ratelimit-limit-*, while the headers indicating remaining limit will be of the form x-ratelimit-remaining-*.

Example Response Header Showing Rate Limits

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
connection: keep-alive
content-length: 1392
content-type: application/json; charset=utf-8
date: Fri, 20 Mar 2020 17:10:40 GMT
etag: W/"570-2/xkFsZz1d2qlzXb6OBswcSfNCs"
expires: 0
pragma: no-cache
strict-transport-security: max-age=15552000; includeSubDomains
surrogate-control: no-store
via: kong/1.4.2, 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-kong-proxy-latency: 25
x-kong-upstream-latency: 27
x-ratelimit-limit-hour: 10000
x-ratelimit-limit-minute: 500
x-ratelimit-limit-second: 50
x-ratelimit-remaining-hour: 9997
x-ratelimit-remaining-minute: 499
x-ratelimit-remaining-second: 49
x-xss-protection: 1; mode=block

What’s Next

Learn about Tenant Mode in SmartBuildings...