Skip to main content
The YuvexPay API enforces rate limits per company to ensure fair usage and system stability.

Default limits

ScopeLimitWindow
GET requests1,000 / minutePer company
POST requests100 / minutePer company
Global2,000 / minutePer company
Custom limits can be configured per account. Contact support if you need higher limits.

Rate limit headers

Every API response includes rate limit information in the headers:
HeaderDescription
X-RateLimit-LimitMaximum requests allowed in the current window.
X-RateLimit-RemainingRequests remaining in the current window.
X-RateLimit-ResetSeconds until the rate limit window resets.
X-RateLimit-Global-LimitGlobal rate limit across all methods.
X-RateLimit-Global-RemainingGlobal requests remaining.

Handling rate limits

When you exceed the rate limit, the API returns a 429 Too Many Requests response: 
{
  "error": {
    "code": "RATE_LIMIT_EXCEEDED",
    "message": "Too many requests"
  }
}
Implement exponential backoff when you receive a 429: 
async function requestWithRetry(url, options, maxRetries = 3) {
  for (let attempt = 0; attempt <= maxRetries; attempt++) {
    const response = await fetch(url, options);

    if (response.status !== 429) return response;

    const resetSeconds = response.headers.get("X-RateLimit-Reset");
    const delay = resetSeconds
      ? parseInt(resetSeconds) * 1000
      : Math.pow(2, attempt) * 1000;

    await new Promise((resolve) => setTimeout(resolve, delay));
  }

  throw new Error("Rate limit exceeded after retries");
}

Best practices

  • Monitor headers. Check X-RateLimit-Remaining proactively to avoid hitting limits.
  • Batch where possible. Use list endpoints with filters instead of fetching resources one by one.
  • Cache responses. Cache GET responses on your side to reduce unnecessary API calls.
  • Spread requests. Distribute API calls evenly over time instead of bursting.