Skip to main content
The exchange caps how fast and how large your requests can be. The 429 and 413 responses here are not enumerated in the Trading API reference; their bodies follow the standard error model.

Per-account rate limit

A token bucket of 100 requests per 60 seconds with a burst of 10, keyed by account. The bucket refills continuously across the window, and burst lets you briefly exceed the steady rate as long as your long-run average stays within it. Every credential on one account draws from the same budget. These are the defaults. Your account’s limits may differ — confirm with your onboarding contact.

What a 429 returns

Exceeding the limit returns:
  • HTTP 429 Too Many Requests
  • Media type application/problem+json
  • code = rate_limited
There is no Retry-After header and no X-RateLimit-* headers, so the response carries no budget metadata. Pace your own requests and back off when you see 429; waiting out the remainder of the window is a safe default. On a write, reuse the original request_id so the retry is deduplicated. See error codes for the full code table.

When the limiter runs

On signed writes, three checks run in order, and the order decides which rejected requests still spend budget:
  1. Signature check. The request is decoded and its signature verified first. An invalid signature is rejected here and does not consume budget.
  2. Rate-limit check. The limiter runs next. A signature-valid request consumes budget here, even if a later check rejects it.
  3. Skew check. The request_id timestamp window is checked last. A request that fails it has already spent its budget.
The limiter runs before the skew check. A flood of signature-valid requests carrying stale or garbage request_ids still drains your bucket, even though every one is rejected. Only requests that fail signature verification cost nothing.
Account creation is the one exception: it does not consume or check the rate limit, because there is no account to charge yet. It still applies the same request_id skew check as other signed endpoints.

Request size cap

A request whose encoded payload exceeds the maximum wire size is rejected with HTTP 413 Payload Too Large and code = request_too_large. Do not retry it unchanged — it fails the same way every time. Shrink the request, then resend.