Rate Limits

All API endpoints require authentication. Regardless of the authentication method used, the Pabau API enables users to make requests based on their subscription plan.

The Pabau API applies a rate limit every 2 seconds for both authentication methods; however, the limits differ between requests made with the api_token and those made by OAuth application.

It is important to note that the rate limiting for the Pabau API is applied company-wide.

Below, you'll find the specific rate limits for each of our four subscription plans, detailing the limits for both authentication methods over a 2-second window:

If you exceed the rate limit, our API will start rejecting your requests and you'll receive an error response of HTTP 429 "Too Many Requests" in the body:

In addition to rate limiting, public API has a daily API fair usage limit for all POST/PUT endpoints. Fair usage is considered to be a maximum of 10 000 POST/PUT requests daily per user per 24 hours. The daily limit will be reset at midnight in UTC.

📘

We strongly recommend integrations built using api_token and apps using OAuth 2.0 to follow the daily fair usage limit of 10000 POST/PUT requests.

In the case of exceeding the 10 000 daily limit on multiple occasions, we may start blocking your POST/PUT requests towards our API.

If you're reaching the rate limit, options to improve performance include restructuring the integration architecture, using Webhooks and/or upgrading to Enterprise plan.