429 Too Many Requests
The rate limiter speaking: this client has sent more requests than allowed in the current window. Well-behaved servers include Retry-After (seconds or a date) and often X-RateLimit-* headers describing the quota.
What usually causes it
- Genuine traffic bursts (loops without delays, parallel batch jobs)
- Shared rate-limit keys (whole office behind one IP; one API key across services)
- Retry storms: naive retry-on-429 amplifying the overload
How to debug and fix it
- Honor Retry-After exactly; absent it, use exponential backoff with jitter — never immediate retries.
- Batch and cache client-side: the cheapest request is the one not sent.
- If limits are per-key, split keys per service; if per-IP behind NAT, talk to the provider about higher tiers.
- Server-side: always send Retry-After — clients without it guess, and they guess aggressively.
Easily confused with
Debugging an API? Build and inspect requests, check response headers, or read the full status-code debugging guide.