Skip to main content
All rate limits apply per credential. Exceeding a limit returns an HTTP 429 Too Many Requests response.

Per-Endpoint Limits

EndpointMethodRate Limit
/tokensPOST5 requests/hour per email address
/usersGET10 requests/second
/accountsGET10 requests/second
/definitionsGET10 requests/second
/qualificationsGET10 requests/second
/projectsGET10 requests/second
/projectsPOST10 requests/second
/projectsPATCH10 requests/second
/surveysGET10 requests/second
/surveysPOST10 requests/second
/surveysPATCH10 requests/second
/responsesGET6,000 requests/minute
/responsesPATCH6,000 requests/minute

HTTP 429 Response

When you exceed a rate limit, the API returns:
HTTP/1.1 429 Too Many Requests
{
  "message": "Too many requests. Please try again later."
}
Implement exponential backoff and retry logic in your integration to handle 429 responses gracefully.

Best Practices

Cache tokens

Tokens are valid for 12 hours. Store the token and its expiration timestamp — do not re-authenticate on every API call.

Reuse lookup data

Definitions and Qualifications change infrequently. Cache this data at application startup or on a daily refresh rather than fetching per request.

Batch response polling

The /responses endpoint has a high limit (6,000/min) to support polling workflows. Use page and page_size parameters to paginate efficiently.

Use staging for load testing

Run all performance and load testing against the staging environment (https://stage-demand.researchdesk.com) to avoid impacting production limits.