Pushpay uses a tiered system of rate limits to ensure that no single API client can cause detrimental performance to the Pushpay platform.
The rate limits are enforced in tiers - this is to allow bursts of activity.
The rate limits are applied at the Client ID and Organization level (so if 2 different Pushpay Organizations have authorized access to different sets of data, those 2 issued refresh tokens/access tokens will not share the same rate limit).
When a rate limit is hit the Pushpay API will return a 429 status code response
Too many requests.
This response will include the following:
retry-aftervalue which indicates the number of seconds the client needs to wait before attempting another request.
So when making your first attempt at an API request, if you receive a 429 status code response then wait the
retry-after number of seconds + 1 second before attempting another request.
If that first retry fails, retry again after
retry-after number of seconds + 2 seconds before attempting another request.
Then for subsequent requests wait for an exponential number of seconds e.g.
retry-after + 4 seconds,
retry-after + 8 seconds,
retry-after + 16 seconds etc.
In some cases, including a small random amount of delay will also help to ensure you don't end up with all the retries happening at the same time.
This will provide accommodation for your application making multiple concurrent retry attempts.
The current rate limits of the platform are:
If you have concerns that your application will need to exceed these limits please contact firstname.lastname@example.org so we can discuss your needs and work together on finding a suitable solution.