API Documentation
Rate Limits & Quotas
API rate limits, quotas, and best practices for high-volume integrations.
The TrustCyber API enforces rate limits to ensure fair usage and platform stability. Rate limits are applied per API key and reset on a rolling 60-second window.
Rate Limit Tiers
| Plan | Requests / Minute | Requests / Day |
|---|---|---|
| Starter | 60 | 10,000 |
| Scale | 300 | 100,000 |
| Enterprise | 1,000 | Unlimited |
Rate Limit Headers
Every API response includes rate limit headers so you can monitor your usage:
text
X-RateLimit-Limit: 300
X-RateLimit-Remaining: 287
X-RateLimit-Reset: 1710505920WarningWhen you exceed the rate limit, the API returns a 429 Too Many Requests response. Implement exponential backoff in your integration to handle rate limit errors gracefully.
javascript
// Exponential backoff example
async function apiRequest(url, options, retries = 3) {
for (let i = 0; i < retries; i++) {
const res = await fetch(url, options);
if (res.status !== 429) return res;
const delay = Math.pow(2, i) * 1000; // 1s, 2s, 4s
await new Promise(r => setTimeout(r, delay));
}
throw new Error('Rate limit exceeded after retries');
}