Rate Limit (API)
Published Last updated
Key Takeaway
A rate limit is the maximum frequency at which an exchange API permits requests, with automatic temporary suspension of access imposed on bots that exceed the allowed call threshold.
What Is Rate Limit (API)?
A rate limit is the maximum frequency at which an exchange API permits requests, with automatic temporary suspension of access imposed on bots that exceed the allowed call threshold.
How Rate Limit (API) Works
Frequently Asked Questions
What happens if I exceed an exchange's API rate limit?
The exchange returns an HTTP 429 error and may temporarily ban your API key or IP address. Mild violations typically result in short delays (seconds to minutes). Severe or repeated violations can result in multi-hour IP bans that prevent any API access — including order management for open positions. Production trading systems must implement rate limit tracking to prevent this.
How do I avoid hitting API rate limits in my trading bot?
Use WebSocket subscriptions instead of REST polling for real-time data. Implement request queuing to serialise burst activity. Track per-endpoint consumption and back off proactively before hitting the limit. Cache data where freshness requirements allow. Use exponential backoff with jitter when 429 errors occur. Read the exchange's API documentation carefully — weight-based systems require understanding each endpoint's cost, not just total request count.
Are API rate limits the same on all crypto exchanges?
No — rate limits vary significantly between exchanges and change over time as exchanges update their infrastructure. Binance uses a weight-based system with different limits per endpoint. Kraken uses a separate credit system with token replenishment. Coinbase Advanced Trade uses fixed request-per-second limits. Always consult the current API documentation for the specific exchange you are using, not third-party guides which may be outdated.
Common Misconceptions About Rate Limit (API)
Rate limits only apply when making many requests in a burst — slow requests never trigger them.
Rate limits accumulate across all requests within the defined time window, regardless of pacing. A system making 1,200 requests per minute at exactly one-per-50ms still hits a 1,000/minute rate limit. Sustained rate also matters, not just peak burst. Some exchanges implement both per-second and per-minute limits, so staying within the per-minute ceiling while bursting within a second can still trigger the per-second limit.
Using multiple API keys allows unlimited requests.
Exchanges often apply rate limits per IP address as well as per API key. Using multiple keys from the same IP may trigger the IP-level limit regardless of key count. Distributing requests across multiple IP addresses (from separate VPS instances) does allow higher aggregate throughput, but violates terms of service on some exchanges if done to circumvent published limits.
WebSocket connections have no rate limits.
WebSocket connections do carry limits — on the number of concurrent connections, the number of subscriptions per connection, and on message send rates for order management over WebSocket. These limits are typically more generous than REST for data subscriptions but still require attention in systems with many simultaneous market subscriptions or high-frequency order updates via WebSocket.