Rate Limiting

To ensure stability, performance, and fair usage, the Bermuda Commercial Bank RESTful Open Banking API enforces rate limiting. This prevents abuse and guarantees a consistent experience for all users.


🚦 What is Rate Limiting?

Rate limiting restricts the number of API requests a user or IP address can make within a specific time frame. Once the limit is reached, further requests are temporarily blocked.


🧭 Strategy: Fixed Window

The API uses a fixed window rate limiting approach. This means requests are counted within a defined time window, and once the limit is hit, no further requests are allowed until the window resets.

🔧 Current Configuration

  • Time Window: 60 minutes
  • Request Limit: 300 requests per user or IP address

📌 Example: If a user sends 300 requests within an hour, any additional requests during that hour will be blocked until the next 60-minute window begins.


⚠️ When the Limit is Exceeded

If the rate limit is exceeded, the API returns a 429 Too Many Requests response, including a timestamp indicating when you can retry.

📉 Example Response

{
  "error": "Rate limit exceeded",
  "message": "You have exceeded the 300 requests per 60 minutes limit. Please wait for the rate limit to reset.",
  "retry_after": "2023-12-31T23:59:59Z"
}

✅ Best Practices for Developers

  1. Track Usage
    Monitor your request count and avoid exceeding the limit.

  2. Graceful Handling
    Implement logic to catch 429 responses and back off appropriately.

  3. Use retry_after
    Honor the retry_after timestamp before retrying requests.

  4. Optimize API Calls
    Cache responses where possible and avoid redundant requests.

  5. Distribute Requests
    Spread requests over time rather than sending them in bursts.
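
The sketch below combines practices 1 to 3 on the client side: it parses retry_after from a 429 body and keeps a local fixed-window counter. It is an added example, not code from the Bermuda Commercial Bank API or its SDKs; the names retry_deadline and FixedWindowBudget, the skew margin and the fallback wait are assumptions, and the local counter only approximates the server's window because the page does not state when a window begins.

```python
import json
from datetime import datetime, timedelta, timezone

LIMIT = 300                           # requests per window (from the page)
WINDOW = timedelta(minutes=60)        # fixed window length (from the page)
SKEW_MARGIN = timedelta(seconds=2)    # assumption: allowance for clock drift
FALLBACK_WAIT = timedelta(minutes=5)  # assumption: used if retry_after is unusable


def retry_deadline(body: str, now: datetime) -> datetime:
    """Return the earliest time to retry after a 429, taken from its JSON body."""
    try:
        raw = json.loads(body)["retry_after"]
        # fromisoformat() rejects a trailing "Z" before Python 3.11.
        ts = datetime.fromisoformat(raw.replace("Z", "+00:00"))
        if ts.tzinfo is None:
            ts = ts.replace(tzinfo=timezone.utc)  # assumption: naive means UTC
    except (ValueError, KeyError, TypeError, AttributeError):
        return now + FALLBACK_WAIT
    # Never accept a wait longer than one window; never return a past time.
    return max(now, min(ts + SKEW_MARGIN, now + WINDOW))


class FixedWindowBudget:
    """Client-side mirror of the server's fixed-window counter."""

    def __init__(self, start: datetime):
        self.window_start, self.used, self.blocked_until = start, 0, start

    def try_acquire(self, now: datetime) -> bool:
        """Return True if a request may be sent at `now`, and count it."""
        if now - self.window_start >= WINDOW:
            self.window_start, self.used = now, 0
        if now < self.blocked_until or self.used >= LIMIT:
            return False
        self.used += 1
        return True

    def on_429(self, body: str, now: datetime) -> datetime:
        """Record a 429: block until its deadline and resync the local window."""
        self.blocked_until = retry_deadline(body, now)
        # Assumption: the server's next window starts at the retry time.
        self.window_start, self.used = self.blocked_until, 0
        return self.blocked_until
```

Pass timezone-aware UTC datetimes for now; when try_acquire returns False, wait rather than send the request.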


🔧 Do You Need to Configure Anything?

No manual configuration is needed; rate limiting is handled by the API infrastructure. However, understanding these limits is essential for building efficient, user-friendly applications.


💬 Need Help?

If you have questions or require additional support, please consult the full API documentation or contact our support team at 📧 api@bcb.bm.