# Rate Limits Transact API has an upper limit to the number of requests you can make within a given time period. This is to prevent denial-of-service attacks and ensure an uninterrupted experience for other users. Rate limits apply per Resource Owner, per application. This means that: - requests from the same application on behalf of the same Resource Owner **will** share a limit - requests on behalf of different Resource Owners **will not** share a limit - requests from a different application **will not** share a limit. Note that both successful and unsuccessful requests count against the rate limit, including requests that are unsuccessful due to being rate limited. ## Current limits The Transact API's primary rate limit is currently **5,000 requests per hour.** Requests from your application on behalf of a given Resource Owner will be rate limited if they exceed this frequency. In addition to the primary rate limit, the API also imposes a secondary rate limit to prevent degradation of service due to intense bursts of activity. The secondary rate limit is **300 points per minute**, where: - read operations (`GET`) count as 1 point each - write operations (`POST`, `PATCH`, `DELETE`) count as 5 points each. ## Hitting a rate limit Each response contains three informational headers indicating the current primary rate limit status: - `X-RateLimit-Limit`: The maximum number of allowed requests for the current time period. - `X-RateLimit-Remaining`: The number of allowed requests remaining for the current time period. - `X-RateLimit-Reset`: The relative time in seconds until the rate limit window resets. If you make a request that has exceeded a rate limit, you will receive a `429 Too Many Requests` response with a `Retry-After` header indicating how many seconds you should wait until making your next request. You should not retry your request, or make any other requests, until the `Retry-After` period has elapsed. The `detail` field within the [Problem response body](errors.md#problem-response-body) will indicate when the secondary rate limit is exceeded. This field is for human consumption, not machine parsing, and is subject to change without notice. :::danger Continuing to make requests while rate limited may result in your Transact API access being suspended. ::: ## Further rate limits Transact reserves the right to impose further rate limits without notice. These may occur during periods of high traffic, when suspicious activity has been detected, or otherwise at Transact's discretion.