To ensure the stability and high performance of the MyAdmin API, we have implemented a rate limiting system. These limits protect the system from excessive load and help maintain fair usage for all partners.

The API uses two primary types of rate limits: Request-Based (how many calls you make) and Data-Based (how much data you retrieve). Additionally, a Global Per-IP limit caps total requests from a single IP address, regardless of endpoint or API key. The system always enforces the most specific rule available for a given endpoint.

Request-Based Limits

These limits restrict the number of API calls you can make within a specific time window.

Default Limit

There is a general limit of 100,000 requests per hour applied to any API endpoint that does not have a more specific, overriding rule.

Endpoint-Specific Limits

Certain endpoints have unique limits that override the default. View specific rate limits for each Method and Entity. These limits are applied based on either the client's API key or their originating IP address. Examples include:

EndpointPeriodLimit
*1h100,000
*1m150,000 records (adaptive)
*/v2/MyAdminApi.ashx1m375
*/v2/MyAdminApi.ashx1h22,000
*/WebServices/MyGeotabApi.ashx1m60,000
jsonrpc:GetOwnDatabases15m100
jsonrpc:PostOrder15m100
jsonrpc:GetDeviceTimelinesAsync15m300

* Applies to all endpoints by default (e.g. /v2/MyAdminApi.ashx, /v3/MyAdminApi.ashx), unless overridden by a more specific rule.

Global Per-IP Rate Limit

Regardless of API key or endpoint-specific rules, a global rate limit is enforced on all incoming requests based on the originating IP address.

  • Limit: 10,000 requests per 10 minute period per IP address

This limit applies across all endpoints and all API keys originating from the same IP. It is designed to protect the infrastructure from excessive load from a single source. If this limit is exceeded, the API will respond with an HTTP 429 Too Many Requests status code until the rolling window resets.

Data-Based (Adaptive) Limits

In addition to counting requests, the system also monitors the amount of data (number of records) you retrieve. This adaptive limit protects the API from unusually large or complex queries.

Each API method that returns data has an independent counter, which defaults to 150,000 records per minute. A limit breach occurs when the cumulative number of records retrieved from the same method exceeds its limit in a rolling one-minute window. When this happens, subsequent calls to that specific method are blocked until the counter drops below the limit.

Exceeding a Rate Limit

If a rate limit is exceeded, the API will temporarily pause processing requests and respond with an error. This is a normal and predictable part of interacting with the API, designed to ensure stable performance.

The error is communicated using the standard HTTP 429 Too Many Requests status code. This signal simply indicates that the request was not processed and that your application should wait a short period before sending more requests.