Skip to main content

Documentation

Request Rate Limits

Velocity checks.

The enforcement of request rate limits is a critical aspect of Rapyd's security infrastructure. Rate limits are implemented through a robust Web Application Firewall (WAF) solution. The WAF monitors and controls the incoming HTTP requests to ensure compliance with defined thresholds for both production and sandbox environments. The limits are as follows:

  • Production - 2000 requests per 5-minute period. Specific sensitive endpoints are limited to 100 requests per 5-minute period.

  • Sandbox - 100 requests per 5-minute period. This limit also applies to certain sensitive endpoints in the production environment.

These rate limits serve as proactive measures to protect against potential attacks like DDoS (Distributed Denial of Service), and ensure the stable operation of Rapyd's services.