Rate Limits
All API endpoints are rate-limited to ensure fair usage and platform stability.
Limits by Endpoint Category
| Category | Limit | Window |
|---|---|---|
| API (general) | 1,000 requests | Per minute |
| Auth endpoints | 100 requests | Per minute |
| Agent heartbeats | 5 requests | Per minute per node |
| Agent metrics | 120 requests | Per minute per node |
| PCAP uploads | 10 requests | Per hour per node |
Rate Limit Headers
Every API response includes rate limit headers:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 997
X-RateLimit-Reset: 1710079380
| Header | Description |
|---|---|
| X-RateLimit-Limit | Maximum requests allowed in the window |
| X-RateLimit-Remaining | Requests remaining in current window |
| X-RateLimit-Reset | Unix timestamp when the window resets |
Handling Rate Limits
When rate-limited, the API returns a 429 response. Implement exponential backoff:
# Python example with retry
import time, requests
def api_call_with_retry(url, headers, max_retries=3):
for attempt in range(max_retries):
resp = requests.get(url, headers=headers)
if resp.status_code == 429:
reset = int(resp.headers.get('X-RateLimit-Reset', 0))
wait = max(1, reset - int(time.time()))
time.sleep(wait)
continue
return resp
raise Exception("Rate limit exceeded after retries")