RafikiSMSRafikiSMS API

Rate Limiting

If you exceed the rate limit, you will receive a 429 Too Many Requests response.

The RafikiSMS API enforces rate limits to prevent abuse and ensure fair usage. Limits are applied per API key or access token.

Default Rate Limits

  • Authenticated requests: 60 requests per minute per token
  • API Key requests: 60 requests per minute per API key
  • OTP Generate: 3 requests per phone number per 5 minutes

Rate Limit Headers

Every API response includes headers indicating your current rate limit status:

  • X-RateLimit-Limit --- maximum requests allowed
  • X-RateLimit-Remaining --- requests remaining in current window
  • X-RateLimit-Reset --- Unix timestamp when window resets

Handling Rate Limits

When you receive a 429 response:

  1. Wait for the rate limit window to reset (check X-RateLimit-Reset)
  2. Implement exponential backoff in your application
  3. Consider caching responses to reduce API calls
  4. Contact support if you need higher rate limits