Skip to main content
Rate limits protect the platform and ensure fair usage across all organizations. When you exceed the limit, Deck returns a 429 status code and you should retry with backoff.

Limits

The rate limit is 200 requests per 10 seconds per organization. Limits are applied across all API keys in your organization. If you have multiple services making requests with different keys, they share the same quota.

Rate limited responses

When a request is rate limited, Deck returns: 
{
  "errors": [
    {
      "type": "rate_limit",
      "code": "rate_limit_exceeded",
      "message": "Too many requests."
    }
  ],
  "request_id": "req_a1b2c3d4..."
}

Handling rate limits

Implement retries with exponential backoff when you receive a 429 response. 
async function requestWithBackoff(url, options, retries = 5) {
  for (let attempt = 0; attempt < retries; attempt++) {
    const res = await fetch(url, options)

    if (res.status !== 429) return res

    const delay = Math.min(1000 * Math.pow(2, attempt), 30000)
    await new Promise(r => setTimeout(r, delay))
  }

  throw new Error('Rate limit retries exhausted')
}

Best practices

  • Use events instead of polling. Register an event destination and let Deck push status updates to you rather than polling GET endpoints in a loop.
  • Paginate list requests. Use limit and cursor to fetch results in pages rather than requesting large datasets in a single call.
  • Queue task runs. If you have many tasks to run against one connection, queue them on your side and submit the next one after the previous completes.
  • Use workflows for multi-step operations. A workflow executes steps sequentially server-side, which avoids the overhead of multiple round-trip API calls and keeps you under rate limits.