Default limits
Unauthenticated requests are rate limited by IP address. The public charging endpoints (driver-facing, session-token based) are keyed by session token or IP address rather than by authenticated user account.
Rate limit headers
Rate-limited responses include the following headers:Handling rate limits
When you exceed the rate limit, the API returns a429 Too Many Requests response:
Retry-After header:
Best practices
- Cache responses when possible to reduce the number of requests.
- Use pagination rather than fetching large datasets repeatedly.
- Implement exponential backoff when receiving 429 responses.
- Batch operations where the API supports it (e.g., card imports).