Rate Limiting
Rate limits for API and CDN endpoints.
Tuzzle applies rate limiting to protect the platform from abuse and ensure fair usage.
API Rate Limits
The API is split into two tiers, each with its own rate limit profile:
| API Tier | Description |
|---|---|
| Upload API | File uploads (direct, signed, unsigned, presigned). Higher limits for production throughput. |
| Admin API | Spaces, files, folders, upload configs. Standard limits for management operations. |
Rate Limit Headers
When rate limited, the API returns a 429 Too Many Requests response. Standard rate limit headers are included in responses:
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
Retry-After: 30
CDN Processing Limits
The CDN limits concurrent image processing to protect server resources. When the processing limit is reached, the CDN returns 503 Server busy, try again later.
Cached responses are served immediately and are not subject to processing limits. Only new transformations that haven't been cached count toward the limit.
Unsigned Upload Limits
Unsigned upload configs can set additional per-config rate limits:
{
"unsigned_restrictions": {
"max_uploads_per_hour": 100
}
}
This limit is enforced in addition to the global unsigned upload rate limit.
Best Practices
- Cache transformed URLs on your end to avoid unnecessary CDN processing
- Use eager transforms in upload configs for predictable variants
- Implement retry logic with exponential backoff for
429and503responses - Monitor your usage and contact support if you need higher limits