The SureCart API uses a number of safeguards against bursts of incoming traffic to help maximize its stability. If you send many requests in quick succession, you might see error responses with status code 429.
API Limiters
We have several limiters in the API, including a rate limiter and a concurrency limiter. Treat the limits as maximums, and don’t generate unnecessary load. To prevent abuse, we might reduce the limits.
You can request a limit increase to enable a high-traffic application by contacting SureCart Support.
Rate Limits
The basic rate limiter restricts the number of API requests as follows:
Default Limit: 150 operations / 10 seconds
Sensitive Endpoints: 10 operations / 1 minute
Public Endpoints: 60 operations / 1 minute
Sensitive endpoints include those that may trigger notifications or call third-party services. In general, these are endpoints that should not be called frequently.
Public endpoints are those that are accessible with a public API key. For example, our license check endpoint.