REST API rate limits and error codes

Reference for REST API rate limits, error formats, and error codes.

REST API rate limits

All rate limits are per IP address.

Scope	Limit
Default (all endpoints)	10,000 requests / 10 sec
`/api/v4/public/*`	20,000 requests / 10 sec
`/api/v4/trade-account/*`	12,000 requests / 10 sec
`/api/v4/main-account/*`	1,000 requests / 10 sec

Scope-specific limits override the default where listed. Some endpoints have tighter limits that override the defaults above. These are documented on the respective endpoint pages. When the rate limit is exceeded, the API returns HTTP status 429 (Too Many Requests). Use exponential backoff before retrying (see Best practices below).

REST API error format

All v4 endpoints return errors as JSON. The format differs between public and private APIs.

Public endpoints

{
  "success": false,
  "message": "ERROR MESSAGE",
  "params": []
}

Private endpoints

{
  "code": 0,
  "message": "MESSAGE",
  "errors": {
    "PARAM1": ["MESSAGE"],
    "PARAM2": ["MESSAGE"]
  }
}

Authentication error reference

The following errors are returned by private REST endpoints when the request signature or credentials are invalid.

HTTP status codes

Best practices

Retry strategy by error type

Error type	Retry?	Strategy
Rate limit (429)	Yes	Exponential backoff: start at 1s, double on each retry, cap at 30s. Add jitter.
Authentication error	No	Fix the root cause: check API key validity, signature computation, and header names.
Validation error	No	Fix the request parameters. Read the `errors` field for field-level feedback.
Insufficient balance	No	Check the account balance and wait for pending operations to settle.
Server error (5xx)	Yes	Exponential backoff. If persistent, check platform status or contact support.

Exponential backoff

When rate limited, wait before retrying. Double the wait time after each failed attempt (1s → 2s → 4s → 8s).

Batch requests

Combine multiple operations when the API supports batch endpoints. For example, use Bulk Limit Order instead of multiple single order requests.

Nonce management

For private endpoints, ensure each request uses a unique, incrementing nonce. Use Unix timestamp in milliseconds when nonceWindow is enabled. Avoid concurrent requests with the same nonce.

Reduce REST polling

Use WebSocket for real-time data — Subscribe to price, orderbook, and balance channels instead of polling REST endpoints. One WebSocket connection replaces hundreds of REST requests. See WebSocket Quickstart.
Cache public data — Market info, asset statuses, and fee structures change infrequently. Cache responses and refresh periodically (for example, every 60 seconds).
Use conditional requests — Check local state before making API calls. Avoid redundant balance checks when no trades have executed.
Distribute requests — Spread requests evenly across the 10-second window instead of sending bursts.

API Reference Overview — Base URL and endpoint groups
Authentication — Signing and header requirements
WebSocket Rate Limits — WebSocket connection limits, error codes, and timeout behavior

Getting Started

Market Data

Spot Trading

Collateral Trading

Convert

Account & Wallet

Sub-Accounts

Mining Pool

OAuth

REST API rate limits and error codes