A rate limiting system will be implemented to improve overall platform resiliency and manage velocity to provide more consistent platform performance.

Rate Limiting Deployment Schedule




All Payrix Platform Sites

Lightweight Rate Limit Manual Testing Trigger at 10 requests in 10 seconds via Header:Value (See Testing Rate Limits below.)

Available Now.

Sandbox API


Rate Limit = 1000 requests in 10 seconds.

June 21st, 2023 - 22:00 ET.

All Payrix Platform Sites

Rate Limit = 1000 requests in 10 seconds.

August 23rd, 2023 - 22:00 ET.

API and Portal requests are subject to rate limiting.

See below the current Rate Limits for Developer and Production server requests:

  • Rate Limit: 1000 requests in 10 seconds.

  • Temporary Block period: 10 seconds.

Note: All HTTP Methods are subject to Rate Limiting.

Requests that exceed the designated rate limit will:

  • Be blocked from making additional requests for 10 seconds.

  • Receive a 429 HTTP status code explaining the rate limit was exceeded.

  • Receive an internal Code 64 error response message.

    • Example: If the violation occurs on requests to the /txns endpoint, it will not prohibit communication on the /merchants endpoint during the 10-second violation period.

Rate Limit Exceeded example:

    "errors": [
            "code": 64,
            "severity": 2,
            "msg": "Rate of requests exceeded - Temporary block implemented",
            "errorCode": "C_RATE_LIMIT_EXCEEDED_TEMP_BLOCK"

Testing Rate Limits

To better understand the expected response from exceeding the rate limit, we’ve created an easy-to-use method to trigger the 'Rate Limit Exceeded' response in any hosted Payrix environment.

rate-limit-test: match

Any request that contains the rate-limit-test header (with the match value) will be counted towards the rate limit criteria below.

See the example of calling the /txns endpoint from the API to trigger the “Rate Limit Test”.


[HTTP METHOD] /txns                 
Host: https//test-api.payrix.com    
rate-limit-test: match              ## Required Header  for Rate Limit Test.
Accept: application/json, text/plain, */* 
Content-Type: application/json      

Rate Limit testing details

See below the current rate limit for “Rate Limit Test” requests:

  • Rate Limit: 10 requests in 10 seconds.

  • Temporary Block period: 10 seconds.

What’s being blocked by triggering the test rate limit?

  • Source IP Address - The IP address of the entity that has exceeded the rate limit.

  • Path/Endpoint - The Payrix endpoint / URL path is blocked from receiving requests

  • Host - The Payrix server

 For more information, please contact your Relationship Manager or Partner Support.