CaraCara API
Guides

Rate Limits

API rate limits and how to stay within them.

Rate limit tiers

Key typeRequests per hourRequests per dayBurst limit
Test (sk_test_*)1001,00010/second
Live (sk_live_*)10,000Unlimited100/second

How limits work

Rate limits are applied per API key using a sliding window. When you exceed the limit, the API returns 429 Too Many Requests.

Monitoring usage

Check the rate limit headers on every response:

curl -I https://platform.caramedical.com/api/v1/patients \
  -H "Authorization: Bearer sk_live_your_key"
HTTP/2 200
X-RateLimit-Limit: 10000
X-RateLimit-Remaining: 9995
X-RateLimit-Reset: 1706003600

Best practices

  1. Cache responses — Avoid unnecessary API calls by caching data locally.
  2. Use webhooks — Instead of polling, set up webhooks for real-time updates.
  3. Batch operations — Use bulk endpoints (like POST /patients/bulk-import) to reduce call count.
  4. Respect Retry-After — When rate-limited, wait the specified time before retrying.
  5. Use test keys for development — Save your live key's rate limit for production traffic.

Previous

Error Handling

Next

Webhooks

On this page