Platform of Trust Platform Design Guide

Rate limiting information

A common technique is to return HTTP headers that report the current state of the call limits, so that the user or application can assess where it stands. These headers typically provide:

  • the maximum number of allowed requests in the current period,

  • the number of remaining requests in the current period, and

  • a timestamp that marks when the call limit counter will be reset (Unix epoch time).

This information lets an API client adjust its usage dynamically, which helps it avoid being blocked.

Example header response with rate limiting information

X-RateLimit-Limit: 60
X-RateLimit-Remaining: 25
X-RateLimit-Reset: 1546841865
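
One way a client can act on these headers, shown as an added example that is not part of the original guide. The function names, the MAX_WAIT cap and the even-pacing policy are assumptions of this example; header values are treated as untrusted input and rejected when missing or inconsistent.

```python
from dataclasses import dataclass
from typing import Mapping, Optional

MAX_WAIT = 3600.0  # assumed cap so a bogus reset value cannot stall the client


@dataclass(frozen=True)
class RateLimit:
    limit: int       # X-RateLimit-Limit
    remaining: int   # X-RateLimit-Remaining
    reset: int       # X-RateLimit-Reset, Unix epoch seconds


def parse_rate_limit(headers: Mapping[str, str]) -> Optional[RateLimit]:
    """Return the parsed headers, or None if any is missing or malformed."""
    lowered = {k.lower(): v for k, v in headers.items()}  # names are case-insensitive
    try:
        values = [int(lowered[f"x-ratelimit-{name}"].strip())
                  for name in ("limit", "remaining", "reset")]
    except (KeyError, ValueError):
        return None
    if min(values) < 0 or values[1] > values[0]:
        return None  # negative value or remaining > limit: do not trust it
    return RateLimit(*values)


def delay_before_next(headers: Mapping[str, str], now: float) -> float:
    """Seconds to sleep before the next request (0.0 means send immediately)."""
    rl = parse_rate_limit(headers)
    if rl is None:
        return 0.0  # no usable information; caller applies its own policy
    until_reset = max(0.0, rl.reset - now)  # a reset in the past means no wait
    if rl.remaining == 0:
        return min(until_reset, MAX_WAIT)  # quota spent: wait for the reset
    # Spread the remaining calls evenly over what is left of the period.
    return min(until_reset / rl.remaining, MAX_WAIT)


# Constructed sample: the header values shown on this page.
SAMPLE = {
    "X-RateLimit-Limit": "60",
    "X-RateLimit-Remaining": "25",
    "X-RateLimit-Reset": "1546841865",
}

if __name__ == "__main__":
    print(delay_before_next(SAMPLE, now=1546841840))
```

Pass the response headers and the current time (for example `time.time()`) after each call and sleep for the returned number of seconds.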

Last updated 6 years ago
