Rate Limits
Rate Limits
Nova throttles requests per credential to protect the platform.
Default quotas
| Credential type | Limit |
|---|---|
| Partner API key | 100 req / 10 s |
| Bearer JWT | 60 req / 10 s |
| Unauthenticated | 20 req / 10 s |
Limits apply per credential, not per IP. Spread bursts across multiple
keys if you need more headroom (or ask us to raise the quota).
Response headers
Every response includes:
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 87
X-RateLimit-Reset: 1714214140X-RateLimit-Reset is a unix timestamp — the next time the bucket
refills.
When you hit the limit
Status 429 with body:
{
"error": {
"code": "RATE_LIMITED",
"message": "Too many requests",
"details": { "retryAfterSeconds": 7 }
}
}The Retry-After header is also set. Honour it. Continued hammering can
escalate to a temporary block.
Best practice
- Cache reads where you can — partner trees, product catalogues, and
config rarely change. - Use webhooks instead of polling.
- Use bulk endpoints where they exist (e.g. SIM allocation) instead of
per-record loops. - For backfills or migrations, talk to us first — we can usually raise
the limit temporarily.
Updated about 4 hours ago