The Gorgias API is rate-limited using a leaky bucket algorithm, meaning that the number of requests you can make in a period of time is limited, but replenishes.

Request Limits

Each account has different rate limits depending on the type of authentication method used, and the account type:

OAuth2 apps can make 80 requests in a 20 second window
API key integrations can make 40 requests in a 20 second window
Enterprise accounts folow the same request limits, but have a smaller 10-second window

If you exceed these limits, your request will fail and the API will respond with a 429 Too Many Requests HTTP code.

Rate-Limiting Headers

All responses returned by the API contains rate-limiting headers to help you to handle this scenario and implement retries programmatically:

HTTP Response Header	Description
`Retry-after`	The number of seconds to wait before retrying the request. In this example, `5` means you need to wait 5 seconds.
`X-Gorgias-Account-Api-Call-Limit`	The number of requests made in the current period, along with the limit for that period. In this example,`10/80`means you have made 10 requests, and the limit is 80.