Skip to main content
Archefusion implements rate limits to prevent abuse and ensure service availability. This means that there is a limited number of requests you can make to an endpoint within a given time. When you hit this limit, you will receive a 429 Too Many Requests response.

How the limit works

The limit uses a token bucket model. This means that each accepted request consumes capacity, and once maximum capacity is reached, the request gets rejected with a 429 Too Many Requests error. Over time, the bucket capacity refills automatically.

When you hit the limit

  1. You receive a 429 Too Many Requests, which includes retry guidance in the error message.
It does not currently set a separate Retry-After response header.
Example:
{
  "statusCode": 429,
  "message": "Rate limit exceeded (retry after 1s)"
}
  1. Implement a conservative backoff when you receive the 429 error rather than retrying aggressively.

Important note

The limit is applied per merchant account and endpoint. Therefore, when an endpoint is rate-limited, other endpoints will keep returning responses until they hit their limit.

Stay within limits

To stay within the limit, listen for webhooks instead of polling. For example, you can listen for payment.succeeded and payment.failed events instead of calling the verify payments endpoint to get the final status of a transaction.