Rate Limits
The Creatorlayer API enforces rate limits per API key to ensure fair use and service stability.
Limits
| Tier | Requests / minute | Burst | Applies to |
|---|---|---|---|
| Pilot | 60 | 10 | All pilot lender keys |
| Production | 300 | 50 | Production keys (post-pilot) |
Limits apply per API key. All endpoints share the same quota.
Rate limit headers
Every API response includes headers showing your current usage:
| Header | Meaning |
|---|---|
X-RateLimit-Limit | Maximum requests allowed per minute |
X-RateLimit-Remaining | Requests remaining in the current window |
X-RateLimit-Reset | Unix timestamp when the window resets |
When you are rate limited
A 429 Too Many Requests response is returned with a Retry-After header:
HTTP/1.1 429 Too Many Requests
Retry-After: 8
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1742394120
{
"error": "rate_limited",
"message": "Too many requests. Retry after 8 seconds."
}
Always honour Retry-After — retrying immediately will extend your backoff window.
Avoiding rate limits
Use idempotency keys
If a request times out, retry with the same Idempotency-Key rather than creating a new request. This avoids burning quota on duplicate verifications.
Poll efficiently
When polling for verification status, use a minimum interval of 5 seconds between requests. Most verifications complete within 30–90 seconds after the creator completes consent.
# Recommended polling pattern
while true; do
STATUS=$(curl -s https://api.creatorlayer.eu/api/v1/verifications/VRF_ID \
-H "Authorization: Bearer YOUR_API_KEY" | jq -r '.status')
[ "$STATUS" = "completed" ] && break
sleep 5
done
Use webhooks instead of polling
The most efficient approach is to register a webhook endpoint and stop polling entirely — see Getting Started § Set up webhooks.
Limit increases
If your integration requires higher limits, contact hello@creatorlayer.eu with your expected request volume and use case. Production keys with higher limits are available post-pilot.