Rate Limits and Fair Use
Orsunpay implements rate limiting to ensure fair resource usage and maintain optimal performance for all users.
Rate Limit Overview
Standard Limits
| Environment | Requests per Minute | Burst Limit | Concurrent Requests |
|---|
| Sandbox | 1,000 | 100/second | 50 |
| Production | 5,000 | 500/second | 200 |
Endpoint-Specific Limits
| Endpoint Category | Rate Limit | Reset Window |
|---|
| Authentication | 100/hour | 1 hour |
| Transaction Creation | As per plan | 1 minute |
| Transaction Retrieval | 2x standard limit | 1 minute |
| List Operations | Standard limit | 1 minute |
| Webhook Testing | 50/hour | 1 hour |
All API responses include rate limiting information in headers:
| Header | Description |
|---|
X-RateLimit-Limit | Maximum requests allowed in the current window |
X-RateLimit-Remaining | Remaining requests in current window |
X-RateLimit-Reset | Timestamp when the rate limit resets |
X-RateLimit-Window | Rate limit window in seconds |
Rate Limit Exceeded Response
When you exceed rate limits, you’ll receive a 429 status code:
Best Practices
1. Implement Exponential Backoff
3. Implement Request Queuing
4. Batch Operations
Fair Use Policy
Acceptable Use
✅ Allowed:
- Normal business operations and transaction processing
- Reasonable testing and development activities
- Periodic data synchronization and reconciliation
- Customer support and investigation activities
- Legitimate reporting and analytics
Prohibited Use
❌ Not Allowed:
- Excessive API polling or unnecessary requests
- Automated data scraping or harvesting
- Load testing on production endpoints without approval
- Sharing API keys or credentials
- Circumventing rate limits through multiple accounts
Monitoring and Enforcement
We monitor API usage patterns and may take action for:
- Consistently exceeding rate limits
- Unusual traffic patterns that affect service performance
- Suspected abuse or misuse of the API
- Violations of the fair use policy
Enterprise Rate Limits
Contact sales for higher rate limits if you need:
Custom Rate Limits
- Higher request volumes: Up to 50,000 requests/minute
- Dedicated resources: Isolated processing capacity
- Priority queuing: Faster processing for critical requests
- Custom burst limits: Higher short-term request capacity
SLA Guarantees
- 99.9% uptime SLA: Service level agreement
- Response time guarantees: Performance commitments
- Priority support: Faster issue resolution
- Dedicated account management: Personal support contact
Troubleshooting Rate Limits
Common Issues
| Issue | Cause | Solution |
|---|
| Frequent 429 errors | Too many requests | Implement backoff strategy |
| Inconsistent limits | Shared API keys | Use separate keys per service |
| Burst limit exceeded | Too many concurrent requests | Implement request queuing |
| Webhook test failures | Webhook testing limits | Reduce test frequency |
If you consistently need higher rate limits or encounter issues:
- Email: [email protected]
- Subject: Rate Limit Increase Request
- Include:
- Current usage patterns
- Business justification
- Expected request volume
- Integration timeline
Monitor your rate limit usage proactively. Implement proper backoff strategies and request queuing to avoid disrupting your payment flows.
Attempting to circumvent rate limits through multiple API keys or accounts may result in account suspension.