# Rate limiting

Rate limiting is a strategy to limit access to APIs. It restricts the number of API calls that a client can make within a certain time frame. This helps defend the API against overuse, both unintentional and malicious.

We reserve the right to adjust these limits at any time, without prior notice. Thankfully the api provides all the data you need to automatically adapt your processes if that were to happen.

We have rate limits in place for all endpoints. Which can can differ depending on the resource. Here is an explaination of the underlying principle and how to work with the rate limits.

Any request over it's specific threshold will fail with HTTP Status 429 (Too Many Requests) and will not be processed.

# Check Rate limits

Each request return headers relative to rate limits:

Header name	Description
x-ratelimit-limit	The maximum number of requests allowed for the timeframe
x-ratelimit-remaining	The number of requests remaining for the timeframe
x-ratelimit-reset	How long in seconds until at least one unit of quota is reclaimed

# Client algorithm

This or any other similar method to achevie the same goal must be implemented if you intend to send bulk SMSes, otherwise your implementation would fail to adhere to rate limits and would in consequence be unreliable.

According to the headers above, here is a pseudo-code for how to handle rate limiting correctly when sending bulk SMSes for example.

while hasMesssages:
	response = sendOneSmsApiCall()
	if response.getHeaders().x-ratelimit-remaining == '0':
		delayMilliseconds(1000 * response.getHeaders().x-ratelimit-reset)
	endif