Request Throttling (429 Too Many Requests)
To help protect the PayRun.io API from DDoS attacks and accidental request flooding, excessive request volumes [from a single account] will trigger a 429 Too Many Requests response.
A single "request" is counted as a single interaction with the API. This can be a [GET], [POST], [PUT], [PATCH] or [DELETE] HTTP request.
Default request volume limits
The following table details the default API request limits imposed on a single account.
| Timespan | Max Allowed Requests | Requests Per Minute |
|---|---|---|
| 5 Minutes | 3,000 Requests | 600 |
| 1 Hour | 18,000 Requests | 300 |
Special Dispensations
Customer accounts can have the request limits increased if their request volumes are expected to exceed the default limits.
However this may incur additional costs to cover any additional hardware requirements. Please contact Support@PayRun.io for further advice on extending your API request limits.
How to avoid excessive request volumes
To help avoid excessive volumes of individual requests, the API supports batch processing jobs.
Batch processing jobs allow you to perform multiple API actions in a single job instruction.
Ideal for large data entry tasks. Offering improved performance and through put by avoiding unnecessary transportation overheads and repeated authentication processing time.
Excluded Requests
The "HealthCheck" API end point is exclude from the request throttling restrictions.