Rate Limits and Retries
The OpenAPI service applies rate limiting to protect stability and prevent excessive consumption by a single client. This page explains the rate limit rules and client retry guidance.
Rate Limit Rules
- When the server applies rate limiting, it returns
429 RATE_LIMITED - A
429response must include theRetry-Afterresponse header in seconds Retry-Aftermust be a positive integer- The exact quota and window depend on the service plan or deployment environment
Idempotency-Key
Idempotency-Key is the unique request key generated by the caller for one command request.
It is used to handle network timeouts or retry scenarios. If the client is not sure whether a command request has already been accepted by OpenAPI, it can retry the same request with the same Idempotency-Key to avoid creating a duplicate command.
Rules:
- Generate a new
Idempotency-Keyfor every new command request - Reuse the original
Idempotency-Keywhen retrying the same command request - Do not reuse the same
Idempotency-Keyfor different devices, different relays, or different request bodies Idempotency-Keyis not an access token and is not used for authentication
Client Retry Rules
- After receiving
429, the client should wait for the duration indicated byRetry-Afterbefore retrying - After receiving
500 INTERNAL_ERROR, the client may retry with exponential backoff - For side-effecting command endpoints, retries must reuse the same
Idempotency-Key - Clients should use bounded retries with jitter and must avoid tight retry loops
- Clients should not retry
400,401,403,404,409, or422without changing the request or credentials
Rate Limit Response Example
http
HTTP/1.1 429 Too Many Requests
Retry-After: 3
RateLimit: limit=1, remaining=0, reset=3json
{
"code": "RATE_LIMITED",
"message": "Too many requests",
"requestId": "req_001",
"data": {
"retryAfterSeconds": 3
}
}retryAfterSeconds carries the same value as the Retry-After response header, in seconds.