By default, all REST endpoints use a sustained limit of 10 requests per second, and a burst limit of 60 requests. Requests that exceed this limit will receive an HTTP 429 response, with the error code too_many_requests. The following actions have different rate limits set:

• Creating a withdrawal has a sustained limit of 5 requests per hour, and a burst limit of 20 requests
• Provisioning a deposit address has a sustained limit of 5 requests per hour, and a burst limit of 20 requests
• Creating and deleting API keys has a sustained limit of 5 requests per hour, and a burst limit of 20 requests
• Getting Cross order history has a sustained limit of 30 requests per second, and a burst limit of 15 requests.
• Adding a spot or perps order has a sustained limit of 30 requests per second, and a burst limit of 15 requests.
• Getting fills from spot or perps has a sustained limit of 30 requests per second, and a burst limit of 15 requests.

These limits may change at any time due to exchange activity. Please consider implementing an exponential backoff for failed requests. If you run into these limits when polling for updates, consider instead subscribing to the spot, cross, or perps websockets for faster updates.

Technical Details

Enclave markets uses Token Bucket rate limiting: we implement a “token bucket” that can hold Burst Limit tokens, and refills at Sustained Limit tokens per second. These buckets begin full after each restart. This means that you can expect a single burst of up to Burst Limit requests to succeed, or sustained polling at up to the Sustained Limit to succeed, but any more requests to fail. Each authenticated endpoint has a separate bucket for each account ID. Each unauthenticated endpoint has a separate bucket for each IP address making requests.