To control the use of their APIs, banks set a daily API rate limit: a limit on the number of API calls that can be made per day per access scope (account details, balances and transactions). Bank Account Data provides API rate limit headers to ensure our customers have visibility of these limits.
Rate Limits Overview
Rate limits are determined by each bank based on their internal considerations and policies. At a minimum, banks are required to enable four access requests within a 24-hour period. To ensure a standardised approach, we designed our rate limit to enable you to submit four requests per day per account for each access scope: account details, balances and transaction history.
If you think your use case may qualify for an exemption, such as if your end users are actively requesting account information more than four times a day, please reach out to the Bank Account Data sales team or support team for assistance.
Rate Limit Headers
Rate limit headers are response HTTP header fields included in API responses that will inform you about your current usage and remaining API call limits. These headers provide key details such as the total request limit, the number of requests remaining within a specified timeframe, and the time until the limits reset.
These HTTP headers offer greater visibility and control over your API usage, allowing you to manage API requests more effectively, avoid hitting rate limits unexpectedly, and enhance your overall integration experience.
To improve your API experience, our API provides a set of response headers with your API requests.
These headers will give you more insight into your rate limits:
General Rate Limits (applicable to all API requests):
- HTTP_X_RATELIMIT_LIMIT: indicates the maximum number of allowed requests within the defined time window.
- HTTP_X_RATELIMIT_REMAINING: shows the number of remaining requests you can make in the current time window.
- HTTP_X_RATELIMIT_RESET: provides the time remaining in the current window.
Account Success Request (additional headers per access scope for account details, transactions, and balances):
- HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_LIMIT: indicates the maximum number of allowed requests within the defined time window.
- HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_REMAINING: shows the number of remaining requests you can make in the current time window.
- HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_RESET: provides the time remaining in the current window, in seconds.
These account success request headers will only be present for successful account resource requests. It’s important to note that failed requests against details, balances and transactions endpoints, regardless of the error type, will not count against the account success request rate limits, but they will count towards the general rate limits.
Handling Rate Limit Errors
If the limit is reached, a RateLimitError will be returned whenever you attempt to make an API call:
{
"summary": "Rate limit exceeded",
"detail": "The rate limit for this resource is <times>/<time_period>. Please try again in <time_left> seconds",
"status_code": 429
}
When you receive a RateLimitError, the only option is to wait until the time returned in the HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_RESET header has passed to execute your request. There is no need to reconnect the account before trying again.
How to avoid hitting rate limits
To prevent hitting the rate limit, consider the following best practices in your implementation:
- Limit your number of requests to the maximum value returned in the HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_LIMIT rate limit header for an account resource. We advise you to adjust your applications to accommodate a limit of four requests per day per account for each access scope.
- Ensure your integration is ready to handle cases where the rate limit is reached by retrying after the time returned in the HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_RESET rate limit header has passed, instead of asking end users to reconnect the account, to deliver a better end user experience.
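An added example (not Bank Account Data's own code) of the handling described above: a per-account, per-scope gate that reads the account success headers, holds further calls once the remaining count reaches zero, and on a 429 waits for the reset value. Case-insensitive header lookup, integer header values, the class and function names and the FALLBACK_WAIT value are assumptions.

```python
import re
import time

PREFIX = "HTTP_X_RATELIMIT_ACCOUNT_SUCCESS_"
FALLBACK_WAIT = 3600  # assumption (not from the page): used when no reset value is usable


def parse_count(value):
    """Header values are untrusted input: accept only non-negative ASCII integers."""
    text = "" if value is None else str(value).strip()
    return int(text) if text.isascii() and text.isdigit() else None


class ScopeGate:
    """Tracks, per (account_id, scope), the earliest time the next call may be made."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._blocked_until = {}  # (account_id, scope) -> epoch seconds

    def wait_seconds(self, account_id, scope):
        until = self._blocked_until.get((account_id, scope), 0.0)
        return max(0.0, until - self._clock())

    def can_call(self, account_id, scope):
        return self.wait_seconds(account_id, scope) == 0.0

    def record(self, account_id, scope, status_code, headers, body=None):
        """Update the gate from one response; return the seconds to wait (0 if none)."""
        upper = {name.upper(): value for name, value in headers.items()}
        remaining = parse_count(upper.get(PREFIX + "REMAINING"))
        reset = parse_count(upper.get(PREFIX + "RESET"))
        wait = 0
        if status_code == 429:
            if reset is None and isinstance(body, dict):
                # Fall back to the "<time_left> seconds" hint in the error detail.
                hint = re.search(r"try again in (\d+) seconds", str(body.get("detail", "")))
                reset = int(hint.group(1)) if hint else None
            wait = FALLBACK_WAIT if reset is None else reset
        elif remaining == 0 and reset is not None:
            wait = reset  # budget spent: hold calls until the window resets
        if wait:
            self._blocked_until[(account_id, scope)] = self._clock() + wait
        return wait
```

Call `can_call` before each account request and `record` after each response; a blocked scope for one account does not hold back the other scopes or other accounts.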
By utilising the rate limit headers and adhering to the established rate limits, you can optimise your API usage and maintain seamless operations.