Rate Limiting
HookSniff rate limits API requests per account to protect the platform and ensure fair usage.
How Rate Limiting Works
HookSniff uses a sliding window algorithm. Each API key has a requests-per-minute limit based on your plan. When you exceed the limit, requests return 429 Too Many Requests.
Rate limits apply to all authenticated API endpoints. Health checks and public endpoints are not rate limited.
Plan Limits
| Plan | Price | Requests/min | Webhooks/month | Endpoints |
|---|---|---|---|---|
| Developer | $0 | 100 | 1,000/gΓΌn | 5 |
| Startup | $24/ay | 500 | 30.000/gΓΌn | 50 |
| Pro | $49/ay | 1,000 | 100.000/gΓΌn | 500 |
| Enterprise | $149/ay | Γzel | SΔ±nΔ±rsΔ±z | SΔ±nΔ±rsΔ±z |
Yearly billing: 20% discount. Overage pricing: Startup $0.003/event, Pro $0.0001/event.
Rate Limit Headers
Every API response includes rate limit headers:
X-RateLimit-Limit: 500 // PlanΔ±nΔ±zΔ±n limiti
X-RateLimit-Remaining: 487 // Pencerede kalan istek
X-RateLimit-Reset: 1705312260 // Pencerenin sΔ±fΔ±rlanacaΔΔ± Unix zaman damgasΔ±When rate limited (429), the response includes:
HTTP/1.1 429 Too Many Requests
Retry-After: 30 // Tekrar denemeden ΓΆnce beklenecek saniye
{
"error": {
"code": "RATE_LIMIT_EXCEEDED",
"message": "Rate limit exceeded. Try again in 30 seconds."
}
}Handling Rate Limits
When you receive a 429 response:
- 1. Stop sending requests
- 2. Wait for the number of seconds in the Retry-After header
- 3. Resume with exponential backoff if retries continue
async function sendWithRetry(url: string, options: RequestInit, maxRetries = 3): Promise<Response> {
for (let i = 0; i < maxRetries; i++) {
const response = await fetch(url, options);
if (response.status !== 429) return response;
const retryAfter = parseInt(response.headers.get('Retry-After') || '30');
console.log(`Rate limited. Waiting ${retryAfter}s...`);
await new Promise(r => setTimeout(r, retryAfter * 1000));
}
throw new Error('Max retries exceeded');
}Monthly Webhook Limits
Each plan has a monthly webhook delivery limit. This counts successful API calls to POST /v1/webhooks, not deliveries to endpoints.
- Developer ($0): 1,000 webhooks/month β blocked at limit
- Startup ($24/mo): 30,000 events/day β overage at $0.003/event
- Pro ($49/mo): 100,000 events/day β overage at $0.0001/event
- Enterprise ($149/mo): Unlimited events β custom pricing
Check your current usage via the API: GET /v1/billing/usage
Per-Endpoint Throttling
In addition to account-level rate limits, HookSniff supports per-endpoint throttling to protect your customers' servers. This uses a token bucket or sliding window algorithm configured per endpoint.
Per-endpoint throttling is useful when:
- A customer's server can only handle a certain number of webhooks per second
- You want to prevent burst traffic from overwhelming a slow endpoint
- You need different rate limits for different customers