Skip to main content

Rate Limits and Fair Use

Orsunpay implements rate limiting to ensure fair resource usage and maintain optimal performance for all users.

Rate Limit Overview

Standard Limits

EnvironmentRequests per MinuteBurst LimitConcurrent Requests
Sandbox1,000100/second50
Production5,000500/second200

Endpoint-Specific Limits

Endpoint CategoryRate LimitReset Window
Authentication100/hour1 hour
Transaction CreationAs per plan1 minute
Transaction Retrieval2x standard limit1 minute
List OperationsStandard limit1 minute
Webhook Testing50/hour1 hour

Rate Limit Headers

All API responses include rate limiting information in headers:

Header Descriptions

HeaderDescription
X-RateLimit-LimitMaximum requests allowed in the current window
X-RateLimit-RemainingRemaining requests in current window
X-RateLimit-ResetTimestamp when the rate limit resets
X-RateLimit-WindowRate limit window in seconds

Rate Limit Exceeded Response

When you exceed rate limits, you’ll receive a 429 status code:

Best Practices

1. Implement Exponential Backoff

2. Monitor Rate Limit Headers

3. Implement Request Queuing

4. Batch Operations

Fair Use Policy

Acceptable Use

Allowed:
  • Normal business operations and transaction processing
  • Reasonable testing and development activities
  • Periodic data synchronization and reconciliation
  • Customer support and investigation activities
  • Legitimate reporting and analytics

Prohibited Use

Not Allowed:
  • Excessive API polling or unnecessary requests
  • Automated data scraping or harvesting
  • Load testing on production endpoints without approval
  • Sharing API keys or credentials
  • Circumventing rate limits through multiple accounts

Monitoring and Enforcement

We monitor API usage patterns and may take action for:
  • Consistently exceeding rate limits
  • Unusual traffic patterns that affect service performance
  • Suspected abuse or misuse of the API
  • Violations of the fair use policy

Enterprise Rate Limits

Contact sales for higher rate limits if you need:

Custom Rate Limits

  • Higher request volumes: Up to 50,000 requests/minute
  • Dedicated resources: Isolated processing capacity
  • Priority queuing: Faster processing for critical requests
  • Custom burst limits: Higher short-term request capacity

SLA Guarantees

  • 99.9% uptime SLA: Service level agreement
  • Response time guarantees: Performance commitments
  • Priority support: Faster issue resolution
  • Dedicated account management: Personal support contact

Troubleshooting Rate Limits

Common Issues

IssueCauseSolution
Frequent 429 errorsToo many requestsImplement backoff strategy
Inconsistent limitsShared API keysUse separate keys per service
Burst limit exceededToo many concurrent requestsImplement request queuing
Webhook test failuresWebhook testing limitsReduce test frequency

Debugging Tools

Contact Support

If you consistently need higher rate limits or encounter issues:
  • Email: [email protected]
  • Subject: Rate Limit Increase Request
  • Include:
    • Current usage patterns
    • Business justification
    • Expected request volume
    • Integration timeline
Monitor your rate limit usage proactively. Implement proper backoff strategies and request queuing to avoid disrupting your payment flows.
Attempting to circumvent rate limits through multiple API keys or accounts may result in account suspension.