Rate Limiting
If you exceed the rate limit, you will receive a 429 Too Many Requests response.
The RafikiSMS API enforces rate limits to prevent abuse and ensure fair usage. Limits are applied per API key or access token.
Default Rate Limits
- Authenticated requests: 60 requests per minute per token
- API Key requests: 60 requests per minute per API key
- OTP Generate: 3 requests per phone number per 5 minutes
Rate Limit Headers
Every API response includes headers indicating your current rate limit status:
X-RateLimit-Limit--- maximum requests allowedX-RateLimit-Remaining--- requests remaining in current windowX-RateLimit-Reset--- Unix timestamp when window resets
Handling Rate Limits
When you receive a 429 response:
- Wait for the rate limit window to reset (check
X-RateLimit-Reset) - Implement exponential backoff in your application
- Consider caching responses to reduce API calls
- Contact support if you need higher rate limits