TrustShield

Developer documentation

Rate Limits

Design integrations that stay reliable under quota windows, bursts, and temporary throttling.

Availability

How rate limiting works

TrustShield APIs are prepared for per-key quotas, burst protection, and abuse prevention. Production values depend on the workspace, environment, and enabled modules, so examples are intentionally labeled as examples until the backend publishes exact limits.

Burst limits

Example values are returned through response headers when configured.

Daily quota

Example values are returned through response headers when configured.

Workspace policy

Example values are returned through response headers when configured.

429 handling

Retry strategy

Treat 429 responses as a normal control signal. Wait for the retry window, apply exponential backoff with jitter, and avoid retry loops that amplify traffic during service pressure.

  • X-RateLimit-Limit: Example
  • X-RateLimit-Remaining: Example
  • X-RateLimit-Reset: Example
  • Retry-After: Example

Do not assume fixed production quotas

Use response headers and workspace configuration as the source of truth. Avoid hardcoded retry timing unless your enterprise agreement documents the value.