Rate Limits
The API enforces rate limits to ensure fair usage and maintain service stability for all consumers. When you exceed a limit, requests return a 429 status until the current window resets.
Limits subject to change
The Storefront API is open during the preview period. The default limits below describe the planned tiering at GA. Reach out if you need higher throughput while we finalize the production tiers.
Default limits
Every API key is subject to the following default rate limits. Contact support if your use case requires higher throughput.
Per minute
100 requestsPer day
10,000 requestsRate limit headers
Every API response includes headers that report your current rate limit status.
X-RateLimit-LimitMaximum requests allowed in the current windowX-RateLimit-RemainingRequests remaining in the current windowX-RateLimit-ResetUnix timestamp when the window resetsRetry-AfterSeconds to wait before retrying (only on 429 responses)429 Too Many Requests
When you exceed the rate limit, the API responds with a 429 Too Many Requests status code and includes a Retry-After header indicating how many seconds to wait before sending another request.
JSON
{
"error": {
"code": "rate_limit_exceeded",
"message": "Rate limit exceeded. Retry after 32 seconds.",
"status": 429
}
}Best practices
- Cache responses locally when data doesn't change frequently
- Use webhooks instead of polling for real-time updates
- Implement exponential backoff on
429responses - Spread requests evenly rather than bursting
- Use bulk endpoints where available to reduce request count