Rate limiting
The Medallion API enforces per-API-key request throttling across all endpoints:
| Endpoint Category | Limit |
|---|---|
| Most endpoints | 240 requests/minute |
| Document download/upload | 30 requests/minute |
Rate limits are applied per API key across all endpoints. A single API key shares one 240/min budget regardless of which endpoints it calls.
How it works
Rate limiting uses a sliding window algorithm. The API tracks your requests over a rolling 60-second window. Your available capacity at any moment is:
240 - (requests made in the last 60 seconds)
This means the limit doesn't reset all at once. Capacity is freed gradually as older requests age out of the window.
When you exceed the limit
The API returns:
- HTTP 429 Too Many Requests status code
Retry-AfterHTTP header containing the number of seconds until your next request will be accepted (e.g.Retry-After: 34)
We recommend waiting for the Retry-After duration before retrying, and using exponential backoff for sustained bursts.
Updated about 2 hours ago