Rate Limits
The API rate-limits each request to keep the service fast and fair. Exceeding a limit returns 429 Too Many Requests.
Per-token limits#
Limits are tracked per API token — separate from the per-IP limits applied to unauthenticated traffic. Each token gets its own bucket, so one integration's usage never starves another's.
Limits by endpoint#
| Endpoint | Limit |
|---|---|
POST /companies/search | 60 / minute |
GET /companies/{id} | 120 / minute |
GET /credits | 60 / minute |
POST /exports | 5 / minute |
GET /exports/{id} | 120 / minute |
POST /exports/{id}/download | 30 / minute |
429 responses#
When you hit a limit, the response carries a Retry-After header (seconds to wait). Always honor it rather than retrying immediately.
Best practices#
Use jittered exponential backoff on 429 (and on 5xx):
async function withBackoff(fn, max = 5) {
for (let attempt = 0; ; attempt++) {
const res = await fn();
if (res.status !== 429) return res;
if (attempt >= max) return res;
const retryAfter = Number(res.headers.get("Retry-After")) || 2 ** attempt;
const jitter = Math.random() * 0.3 * retryAfter;
await new Promise((r) => setTimeout(r, (retryAfter + jitter) * 1000));
}
}The Rate Limits & Backoff guide goes deeper, with samples in all languages.