Skip to main content

API Rate Limits

Scantrust rate limits

The Scantrust API has several levels of rate limiting implemented. A summary of these limits can be found below. Whenever an API client exceeds the limits, the request will be throttled and a fixed error response will be returned.

Throttle scopes and limits

anonymous200/minuteAnonymous requests (unauthenticated e.g. third party scans)
authenticated3000/minuteAuthenticated requests associated to an API user (e.g. Product creation)
consumer2000/minuteRequests to the consumer API (using campaign key e.g. /api/v2/consumer/campaign/)
scm_update10/secondSCM Updates (takes precedence over 'authenticated' scope)
login actions10/minuteRequests to the reset password/account endpoints

Throttled error response


Response when exceeding the above limits.

"detail": "Request was throttled. Expected available in x seconds.",
"code": "throttled"