Skip to main content
We implement rate limting in Cashfree APIs to control the number of requests a client can make within a specified timeframe. This ensures fair usage among all users, protects the API infrastructure from abuse or spikes in traffic, and maintains consistent performance. Each API endpoint may have its own rate limit, defined by the maximum number of requests allowed per minute or hour. You can view the specific rate limits for each API through these links:

Payment API Rate limits

Payout API Rate limits

SecureID API Rate limits

ā€‹
Response Headers

Cashfree APIs include rate-limiting information in the response headers, such as:
  1. X-RateLimit-Limit: The maximum number of requests allowed in the current window.
  2. X-RateLimit-Remaining: The number of requests remaining in the current window.
  3. X-RateLimit-Reset: The time (in seconds) until the rate limit resets.

ā€‹
Throttling

If the limit is exceeded, the API returns a 429 Too Many Requests status code. Clients are advised to respect the retry-after time mentioned in the response headers before sending further requests.

ā€‹
Best Practices

  1. Implement exponential backoff strategies to handle retries gracefully.
  2. Monitor API usage and avoid excessive calls by caching responses where applicable.
  3. Use API keys responsibly and ensure the application logic adheres to the documented rate limits.