eBECAS/EDMISS Next Generation (Web)

API Rate Limits

The API implements rate limits to ensure the stability, performance, and fair use of the service.

Rate limits are applied at the organisation level, not per API token. This means that all API tokens issued for the same organisation share the same rate limits. The limits available to your organisation are determined by your subscription plan.

Rate Limit Periods

The API enforces two independent rate limits:

  • Per-minute limit: The maximum number of requests that can be made during a 60-second period.

  • 24-hour limit: The maximum number of requests that can be made during a 24-hour period.

Each rate limit period begins with the first request received after the previous period has expired. Once the limit is reached, additional requests are rejected until the current period ends and a new one begins.

For example, if the first request in a new 24-hour period is received at 2:30 PM, the period expires at 2:30 PM the following day. The next request received after that time starts a new 24-hour period.

Rate Limits

The rate limits available to your organisation are determined by the number of licences included in your subscription.

Each organisation receives a base rate limit, with additional capacity allocated for each licence.

Rate Limit

Base Allowance

Additional Allowance

Per minute

60 requests

-

Per 24-hour period

3,000 requests

200 additional requests per licence

Example

An organisation with 10 licences would have the following rate limits:

  • Per-minute limit: 60 requests

  • Per 24-hour period: 3,000 + (10 × 200) = 5,000 requests

If your integrations require higher request volumes, contact your system administrator or Equator IT to discuss the available options.

Your Rate Limits

You can view the rate limits currently applied to your organisation by following these steps:

  1. From the Utilities menu, go to Apps.

  2. Locate the Equator API app and click View.

  3. Open the Version 2 tab.

  4. In the Rate Limits section, view the current per-minute and 24-hour rate limits that apply to your organisation.

Monitoring Rate Limits

The API includes rate limit information in the response headers for every request. These headers allow your application to monitor its current usage and adjust its request rate if necessary.

Header

Description

X-RateLimit-Limit

The maximum number of requests permitted during the current rate limit period.

X-RateLimit-Remaining

The number of requests remaining in the current rate limit period.

As rate limits are applied at the organisation level, these values represent the remaining capacity shared by all API tokens belonging to your organisation.

Applications should monitor these headers and reduce or pause requests as the remaining quota approaches zero to avoid receiving 429 Too Many Requests responses.

When a Rate Limit Is Exceeded

If a request exceeds either the per-minute or 24-hour rate limit, the API returns a 429 Too Many Requests response.

The response includes a Retry-After header indicating the number of seconds remaining until the current rate limit period expires. Clients should wait for the specified time before retrying the request.

Example:

HTTP/1.1 429 Too Many Requests
Retry-After: 42
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 0

We recommend implementing an exponential backoff strategy when retrying requests after receiving a 429 Too Many Requests response. This helps prevent repeated rate limit violations and reduces unnecessary load on the API.