Rate limits
Rate limits
The leep API enforces rate limits per organisation to ensure fair usage and stable performance for all customers.
Limits
| Scope | Limit | Window |
|---|---|---|
| Per organisation | 60 requests | 1 minute (rolling) |
Response headers
Every API response from OAuth-authenticated requests includes rate limit headers so you can track your usage.
| Header | Description |
|---|---|
| X-RateLimit-Limit | Maximum requests allowed per window |
| X-RateLimit-Remaining | Requests remaining in the current window |
| X-RateLimit-Reset | Unix timestamp when the window resets |
| Retry-After | Seconds to wait before retrying (only on 429 responses) |
Normal response headers
HTTP/1.1 200 OK
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 42
X-RateLimit-Reset: 1746700800When you exceed the limit
When you exceed the rate limit, the API returns a 429 Too Many Requests response. Wait for the number of seconds indicated by Retry-After before retrying.
429 response
HTTP/1.1 429 Too Many Requests
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1746700800
Retry-After: 23
{
"error": "Rate limit exceeded"
}Handling rate limits in code
TypeScript — retry with backoff
async function fetchWithRetry(url: string, token: string) {
const response = await fetch(url, {
headers: { Authorization: `Bearer ${token}` },
});
if (response.status === 429) {
const retryAfter = parseInt(response.headers.get('Retry-After') ?? '60', 10);
await new Promise((resolve) => setTimeout(resolve, retryAfter * 1000));
return fetchWithRetry(url, token);
}
return response.json();
}Tip: To stay within limits, cache responses where appropriate and avoid polling endpoints more frequently than your use case requires. For high-volume needs, contact us at tim@leep.works.