Rate Limits - Passu API

Response headers

When rate limiting applies, responses include:

ratelimit-limit
ratelimit-remaining
ratelimit-reset

HTTP headers are case-insensitive. The API is served over HTTP/2, which normalizes header names to lowercase on the wire. When a limit is exceeded, the API returns 429 Too Many Requests.

Initial limits

Current defaults:

standard read endpoints: 300 requests per minute
heavier read endpoints (GET /v1/events, GET /v1/metrics, GET /v1/analyses): 60 requests per minute
unauthenticated and token-exchange requests (by source IP): 30 requests per minute

These limits may change by environment or customer tier.

​Response headers

​Initial limits

Response headers

Initial limits