GatewayRate Limiting

Rate Limiting

The gateway enforces sliding-window rate limits per authentication method.

Limits

Auth methodRate limitDaily limit
API Key60 req/minUnlimited (with credits)
Session30 req/minUnlimited (with credits)
SpendAuth120 req/minUnlimited
Anonymous10 req/min5 req/day
Authenticated (no credits)30 req/min20 req/day

Response headers

Every response includes rate limit headers:

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 42
X-RateLimit-Reset: 1712793600

429 responses

When rate limited:

{
  "error": {
    "message": "Rate limit exceeded for this API key.",
    "type": "rate_limit_error",
    "code": "rate_limit_exceeded"
  }
}

The X-RateLimit-Reset header indicates when the window resets (Unix timestamp in seconds).

GuardrailsCredits & Pricing