Rate Limits

AttractOS API rate limits are 60 requests/minute for Free plans and 600 requests/minute for Pro plans. Rate limit headers are included in every response so you can track your usage. If exceeded, wait for the reset time indicated in the X-RateLimit-Reset header.

Rate Limits by Plan

Plan Requests/Minute Monthly Events
Free 60 10,000
Pro 600 100,000

Rate Limit Headers

Every API response includes these headers:

X-RateLimit-Limit

Maximum requests allowed per minute for your plan

X-RateLimit-Remaining

Requests remaining in the current window

X-RateLimit-Reset

Unix timestamp when the rate limit window resets

Example Response Headers
HTTP/1.1 200 OK
Content-Type: application/json
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
X-RateLimit-Reset: 1706810460

Handling Rate Limits

When you exceed the rate limit, you'll receive a 429 response:

429 Response
{
  "error": "Rate limit exceeded",
  "code": "RATE_LIMITED",
  "retry_after": 23
}

Best Practices

  • Check headers proactively — Monitor X-RateLimit-Remaining and slow down before hitting zero
  • Implement exponential backoff — On 429 errors, wait the retry_after seconds, then retry with increasing delays
  • Cache responses — Stats and timeseries data don't change frequently; cache for 60 seconds
  • Batch requests wisely — Use date ranges to get more data per request instead of many small requests
Example: Handling Rate Limits in JavaScript
async function fetchWithRetry(url, options, maxRetries = 3) {
  for (let i = 0; i < maxRetries; i++) {
    const response = await fetch(url, options);

    // Check rate limit headers
    const remaining = response.headers.get('X-RateLimit-Remaining');
    if (remaining && parseInt(remaining) < 5) {
      console.log('Approaching rate limit, slowing down...');
    }

    if (response.status === 429) {
      const data = await response.json();
      const waitTime = data.retry_after || Math.pow(2, i) * 1000;
      console.log(`Rate limited. Waiting ${waitTime}s...`);
      await new Promise(r => setTimeout(r, waitTime * 1000));
      continue;
    }

    return response;
  }
  throw new Error('Max retries exceeded');
}

Event Limits

In addition to API rate limits, each plan has a monthly event quota. Events include bot visits, referrals, and conversions tracked by your sites.

  • Free: 10,000 events/month across all sites
  • Pro: 100,000 events/month across all sites

When you reach your event limit, new tracking events are dropped (not recorded). Existing data remains accessible via the API. Usage resets on the first of each month.

Frequently Asked Questions

What happens when I hit the rate limit?
You'll receive a 429 Too Many Requests response. The response includes a retry_after field indicating how many seconds to wait before retrying.
Do rate limits apply to the tracking endpoint?
No, the tracking endpoint (/api/t) is not rate limited in the same way. It has usage-based limits tied to your plan's monthly event quota instead.
Can I request a higher rate limit?
Enterprise customers can request custom rate limits. Contact us at [email protected] to discuss your needs.
Are rate limits per API key or per account?
Rate limits are per API key. If you have multiple API keys, each has its own independent rate limit counter.
Bot Traffic by AttractOS