Skip to main content
Logo
API Documentation Status page Submit a request
Sign in
  1. Bank Account Data
  2. Bank Account Data API
  3. General

Bank API Rate Limits and Rate Limit Headers

To control the use of their APIs, banks set a daily API rate limit—a limit on the number of API calls that can be made per day per access scope, namely - account details, balances and transactions. Bank Account Data provides API rate limit headers to ensure our customers have visibility of these limits

Rate Limits Overview

Rate limits are determined by each bank based on their internal considerations and policies, banks are required to enable four access requests within a 24 hour period. To ensure a standardised approach, we designed our rate limit to enable you to submit four requests per day per account for each access scope - account details, balances, transaction history.

Rate Limit Headers

Rate limit headers are response HTTP header fields included in API responses that will inform you about your current usage and remaining API call limits. These headers provide key details such as the total request limit, the number of requests remaining within a specified timeframe, and the time until the limits reset.

These HTTP headers offer greater visibility and control over your API usage, allowing you to manage API requests more effectively, avoid hitting rate limits unexpectedly, and enhance your overall integration experience.

To improve your API experience, our API provides a set of response headers with your API requests.

These headers will give you more insight into your rate limits:

General Rate Limits (applicable to all API requests):

  • HTTP_X_RATELIMIT_LIMIT: indicates the maximum number of allowed requests within the defined time window.

  • HTTP_X_RATELIMIT_REMAINING: shows the number of remaining requests you can make in the current time window.

  • HTTP_X_RATELIMIT_RESET: provides the time remaining in the current window.

 

Account Success Request (additional headers per access scope for account details, transactions, and balances):

  • HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_LIMIT: indicates the maximum number of allowed requests within the defined time window.
  • HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_REMAINING: shows the number of remaining requests you can make in the current time window.
  • HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_RESET: provides the time remaining in the current window, in seconds.

 

These account success request headers will only be present for successful account resource requests. It’s important to note that failed requests against details, balances and transactions endpoints, regardless of the error type, will not count against the account success request rate limits, but they will count towards the general rate limits.

Handling Rate Limit Errors

If the limit is reached, a RateLimitError will be returned whenever you attempt to make an API call:

{
"summary": "Rate limit exceeded",
"detail": "The rate limit for this resource is <times>/<time_period>. Please try again in <time_left> seconds",
"status_code": 429
}

When you receive a RateLimitError, the only option is to wait until the time returned in the HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_RESET header has passed to execute your request. There is no need to reconnect the account before trying again.

How to avoid hitting rate limits

To prevent hitting the rate limit, consider the following best practices in your implementation:

  • Limit your number of requests to a maximum value returned in the HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_LIMIT rate limit header for an account resource. We advise you to adjust your applications to accommodate a limit of four requests per day per account for each access scope.
  • Ensure your integration is ready to handle cases where the rate limit is reached by retrying after the time returned in the HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_RESET rate limit header has passed, instead of asking end users to reconnect the account, to deliver a better end user experience.

By utilising the rate limit headers and adhering to the established rate limits, you can optimise your API usage and maintain seamless operations.

Was this article helpful?
  • Promoted articles

    • Bank Account Data API Usage - how is your usage number calculated
    • EEA 180-day access
    • Bank Account Data API Rate Limits
    • How to recognise and handle end user authentication errors
    • Account Endpoint Errors and Suspended Accounts
  • Recently Added Articles

  • Top Articles

Bank Account Data Quickstart Guide

Simple and streamlined guide to start using our Bank Accoun Data API

Quickstart Guide

Demo page of our Bank Account Data API

See the product in action with few easy clicks

Bank Account Data Demo

Need Support?

Contact us

We're available Monday to Friday, 9am-5pm GMT

Quick links

Knowledge base

About GoCardless

Legal
Privacy
Security
Blog

Support

Contact support
Complaints
Contact sales

API Documentation

Developer documents

GoCardless Ltd, Sutton Yard, 65 Goswell Road, London, EC1V 7EN, United Kingdom


GoCardless Ltd (company registration number 07495895) is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017, registration number 597190, for the provision of payment services.





https://docs.google.com/spreadsheets/d/1EZ5n7QDGaRIot5M86dwqd5UFSGEDTeTRzEq3D9uEDkM/edit?gid=976380583#gid=976380583
/hc/theming_assets/01JVYEMDH4NW2KMNM8HG9Y2GXA
Detailed bank coverage
A detailed list of the available institutions and specifications.
custom
https://gocardless.com/stories/bondora/
/hc/theming_assets/01JKWXK6T8QZWQQSYYJAD0X703
Our latest customer story
Learn about how companies are using our technology.
custom
https://developer.gocardless.com/bank-account-data/overview
/hc/theming_assets/01JVYEMQ0208DBSNG2GPZRZ36T
Developer Docs
All the documentation you need to integrate with our API.
Rate Limits, Access expired, Requisition