Rate Limiting Policy

Importing Data

For getting data into the Unit21 system (i.e imports) there is a limit of 200 calls per second.

There is a general limit of:

  • 200 requests per ip/route,
  • and the total size of the POST body must be smaller than 1MB and can include no more than 1000 objects (e.g., entities, instruments, or events) if you are sending multiple objects in a single call (i.e., a batch request)


What does 200 calls per second mean?

For example, you can only call the /create_event API endpoint 200 times every 1 second.


The LIST APIs are intended to only return a small list of data.

If you are trying to export large amounts of data (tens of thousands), please use the export functionality provided in the dashboard.

Evaluating Data

For evaluating data against the Unit21 system (e.g. running real-time rules on an event) there is a default limit of 30 calls per second. This limit can be increased by speaking with your customer success manager.

Status code indicating limit reached

Exceeding the limit will trigger a HTTP 429 (Too Many Requests) error. If your application has triggered the rate limit, please refrain from making additional requests until the appropriate amount of time has elapsed. You should add logic to handle cases in which a HTTP 429 code is received. If a retry is needed, it's best to allow for some back-off time to avoid going into an infinite retry loop.

Rate limit headers

For the most up-to-date information on rate limits, check the rate limit headers that will be returned in the HTTP response:

X-RateLimit-LimitThe total number of requests allowed for the active window
X-RateLimit-RemainingThe number of requests remaining in the active window
X-RateLimit-ResetUTC seconds since epoch when the window will be reset