Rate limits for API calls

Learn about API rate limits, how does it apply to you, and what to do if you do exceed them.

Test Management enforces rate limits on the number of external REST API requests you can make within a specified time frame. This ensures both security and quality control, maximizing reliability and minimizing latency. As the scale of the API grows, rate limiting becomes increasingly critical. It helps prevent abuse and denial-of-service attacks, ensuring the API remains available for all users.

Applicable rate limits

All of the API requests have a rate limit of 300 requests per minute. Rate limits apply to each group. Exceeding these limits will result in the API returning a 429 Too Many Requests response.

Avoid and handle rate limits

How to avoid reaching the rate limit

Do the following to avoid reaching the rate limit.

• Optimize your requests
  Combine requests where possible to reduce the total number of API calls.
• Distribute requests over time
  Space out your requests to avoid hitting the rate limit.
• Monitor your usage
  Regularly check your API usage to ensure you stay within the limits.
• Implement caching
  Use caching to reduce the need for repeated requests.

What to do if you hit the rate limit

If you receive a 429 Too Many Requests response, it means you have exceeded the rate limit. To rectify this, you must wait for 60 seconds before making a new API request.

Example

Consider users from one group with a shared rate limit:

• User A hits the rate limit at 00:00:00 seconds and receives a 429 error.
• User B, from the same group, attempts a request at 00:00:33 seconds.
• User B should wait for an additional 27 seconds (60 seconds minus the 33 seconds since User A hit the limit) before sending the next request.

In this scenario, User B can send a request at 00:01:00 to stay within the rate limit. This pro-rata adjustment ensures that the rate limit is managed at the group level effectively.