Rate Limits
API rate limits.
Rate Limits
All API endpoints are rate-limited to ensure fair usage and platform stability.
Limits
| Endpoint | Limit | Window |
|---|---|---|
/api/flows/* (employer, employee, status) | 500 requests | 1 minute |
/api/employee-changes/* (new-hire, demographic, compensation, termination) | 500 requests | 1 minute |
Rate limits use a sliding window algorithm — the window moves with each request rather than resetting at fixed intervals.
Rate Limit Headers
Every API response includes rate limit headers:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum requests allowed in the window |
X-RateLimit-Remaining | Requests remaining in the current window |
X-RateLimit-Reset | Unix timestamp when the window resets |
Exceeding the Limit
When you exceed a rate limit, the API returns 429 Too Many Requests:
{
"error": "Rate limit exceeded. Try again in 42 seconds.",
"details": {
"retry_after": 42
}
}Wait for the duration indicated by retry_after (in seconds) or the X-RateLimit-Reset header before retrying.
Rate limits are subject to change. If you need higher limits for your use case, contact Benbase.