429 Too Many Requests

The rate limiter speaking: this client has sent more requests than allowed in the current window. Well-behaved servers include Retry-After (seconds or a date) and often X-RateLimit-* headers describing the quota.

What usually causes it

  • Genuine traffic bursts (loops without delays, parallel batch jobs)
  • Shared rate-limit keys (whole office behind one IP; one API key across services)
  • Retry storms: naive retry-on-429 amplifying the overload

How to debug and fix it

  1. Honor Retry-After exactly; absent it, use exponential backoff with jitter — never immediate retries.
  2. Batch and cache client-side: the cheapest request is the one not sent.
  3. If limits are per-key, split keys per service; if per-IP behind NAT, talk to the provider about higher tiers.
  4. Server-side: always send Retry-After — clients without it guess, and they guess aggressively.

Easily confused with