Rate Limiting
The Platform has implemented a rate-limiting system to improve overall platform resiliency and manage velocity for more consistent platform performance. Rate Limits can be tested on the Sandbox server using specific triggers to receive an example of what exceeding the rate limits looks like.
Rate Limits
All API and Portal request types are subject to rate-limiting. See current Rate Limits for Sandbox and Production server requests:
Rate Limit | 1000 requests in 10 seconds |
---|---|
Temporary Block Period | 10 seconds |
Rate limits are relative to the endpoint or Portal resource where the rate limit was exceeded and do not prohibit requests from being made to other endpoints or Portal resources.
For example, if a violation occurs from a Merchant using the Create Payment page (or /txns
API endpoint), it will not prohibit communication on the Users page (or /logins
API endpoint) during the 10-second violation block period.
Note: All HTTP Methods (GET
, PUT
, POST
, DELETE
) are subject to Rate Limiting.
Exceeding Rate Limits
Requests that exceed the designated rate limit will:
Be blocked from making additional requests for 10 seconds.
Receive a
429
HTTP status code explaining the rate limit was exceeded.Receive an internal Code
64
error response message.
Rate Limit Exceeded example:
{
"errors": [
{
"code": 64,
"severity": 2,
"msg": "Rate of requests exceeded - Temporary block implemented",
"errorCode": "C_RATE_LIMIT_EXCEEDED_TEMP_BLOCK"
}
]
}
For more information on Platform Rate Limits, please contact your Relationship Manager or Partner Support.
Testing Rate Limits
To better understand the expected response from exceeding the rate limit, we’ve created an easy-to-use method to trigger the 'Rate Limit Exceeded' response in any hosted Payrix environment.
rate-limit-test: match
Any request that contains the rate-limit-test
header (with the match
value) will be counted towards the rate limit criteria below.
See the example of calling the /txns
endpoint from the API to trigger the “Rate Limit Test”.
Example:
[HTTP METHOD] /txns
Host: https//test-api.payrix.com
rate-limit-test: match ## Required Header for Rate Limit Test.
Accept: application/json, text/plain, */*
Content-Type: application/json
Rate Limit testing details
See below the current rate limit for “Rate Limit Test” requests:
Rate Limit: 10 requests in 10 seconds.
Temporary Block period: 10 seconds.
What’s being blocked by triggering the test rate limit?
Source IP Address - The IP address of the entity that has exceeded the rate limit.
Path/Endpoint - The Payrix endpoint / URL path is blocked from receiving requests
Host - The Payrix server