Rate limits
Learn about Codat's API rate limits and their usage
Third-party rate limits
Many of the financial platforms that Codat integrates with impose rate limits on the use of their APIsAPI A set of rules and protocols that allows different software applications to communicate with each other. Codat provides APIs for accessing financial data from accounting, banking, and commerce platforms.. These limits are enforced and reported separately by each APIAPI A set of rules and protocols that allows different software applications to communicate with each other. Codat provides APIs for accessing financial data from accounting, banking, and commerce platforms..
Handling rate limits is a challenging aspect of building financial integrations. With Codat, you benefit from our bespoke rate limit handling across all supported providers. This gives you the maximum possible access to your SMBSMB The primary customer segment that Codat helps businesses serve, typically companies with annual revenues under $500 million. users' contributed data.
Codat rate limits
Rate limits listed on this page are enforced by api.codat.io, and it is not possible to make APIAPI A set of rules and protocols that allows different software applications to communicate with each other. Codat provides APIs for accessing financial data from accounting, banking, and commerce platforms. calls that exceed the quota.
Codat will return a 429 status code for all requests to the APIAPI A set of rules and protocols that allows different software applications to communicate with each other. Codat provides APIs for accessing financial data from accounting, banking, and commerce platforms. that are received while rate limiting is active. The body of the response will look like any other error that gets returned by Codat.
The response will also include a Retry-After header that will advise your calling system when the current rate limiting will deactivate.
How rate limits are calculated
Codat calculates its rate limits based on the number of active connected companies (ACCs). The rate limits are as follows:
1,000 x (1 + number of ACCs)requests per day- 10 concurrent requests per ACC
For example, if you have 100 ACCs, you can make up to 101,000 requests per day.
ACC, or Active Connected CompanyCompany In Codat, a company represents your customer's business entity. Companies can have multiple connections to different data sources., is a companyCompany In Codat, a company represents your customer's business entity. Companies can have multiple connections to different data sources. that has an active, linked, and syncing connectionConnection A link between a Codat company and a data source (like an accounting platform). Each connection represents authorized access to pull or push data from that platform. to an underlying platform.
Why am I exceeding my quota?
If you are regularly exceeding our limits, it usually means there is an overlooked issue in your application or product. We will get in touch with you to discuss possible improvements to reduce the number of calls. This will enhance the Codat experience for you and your customers.
Our rate limits are calculated daily and reset at 00:00 UTC each day. You can use our dedicated client.rateLimit.{reset|reached} webhook event types to be notified about rate limit changes.
Rate limit headers
Every response from our APIAPI A set of rules and protocols that allows different software applications to communicate with each other. Codat provides APIs for accessing financial data from accounting, banking, and commerce platforms. includes a set of headers that show how your use compares to your rate limits:
X-Rate-Limit-Limittells you the maximum number of requests for the current quota period.X-Rate-Limit-Remainingtells you the number of remaining requests you have in the quota period.X-Rate-Limit-Resettells you the date when the quota will be reset.
Once the limit is exceeded, all further requests will also contain the standard Retry-After header that informs your system when the request can be performed next.
Hard DoS-based limits
Hard DoS-based limits are set to protect against bad actors and do not prevent sensible usage. Codat sets these limits at:
- 1,000 requests per minute from any IP Address.
We may block an IP's traffic without warning if, in our view, it significantly interferes with the operation of our APIAPI A set of rules and protocols that allows different software applications to communicate with each other. Codat provides APIs for accessing financial data from accounting, banking, and commerce platforms..