Skip to main content
The Light API enforces rate limits to ensure fair usage and maintain optimal performance for all users. If you exceed these limits, you’ll receive a 429 Too Many Requests response.

Rate limit structure

By default we enforce two rate limits:

Requests per minute

  • 300 requests per minute per API key or OAuth token
  • Applied individually to each user in your organization

Daily limit

  • 100,000 requests per day per organization
  • Resets at midnight UTC
  • Shared across all users in your organization

Handling rate limit errors

When you exceed a rate limit, you’ll receive a 429 Too Many Requests response with these headers:
  • X-RateLimit-Limit: Maximum capacity (e.g., 300 for requests per minute limit)
  • X-RateLimit-Remaining: Remaining capacity
  • X-RateLimit-Reset: Unix timestamp when the rate limit will go back to full capacity
  • Retry-After: Recommended seconds to wait before retrying

Best practices

  1. Monitor the headers: Check X-RateLimit-Remaining before making large batch requests
  2. Implement exponential backoff: Wait progressively longer between retries (e.g., 1s, 2s, 4s, 8s)
  3. Respect Retry-After: Always wait at least this long before retrying
  4. Spread out scheduled jobs: Avoid running all batch operations at the same time

Need higher limits?

If your use case requires higher rate limits, please contact Light support at [email protected] to discuss custom limits for your organization.