This feature is available from v0.22.0.

Rate limiting is an essential functionality for establishing a robust and resilient system. It safeguards system resources from being misused by malicious actors or being monopolized by one client.

A variable-cost token bucket rate limited algorithm has been added to provide the capability for different API controllers and methods to have a varying cost. It also lays a foundation for dynamic costing of resource consumption.

Limits

The following limits apply to each category of the Novu system. Each category has an independent bucket of request tokens to consume from. Standard requests cost 1 request token and bulk requests cost 100 request tokens. Both standard and bulk requests consume from the same token pool.

Each category has a different limit of requests per second (RPS), with the endpoints in each category shown below.

CategoryFreeBusinessEndpoints
Events60 RPS600 RPSTrigger
Configuration20 RPS200 RPSSubscribers, Topics, Tenants
Global30 RPS300 RPSAll other endpoints consume request tokens from this category.

HTTP response headers

When integrating with Novu API, it’s important to consider the rate limiting HTTP headers included in the response. These headers help you manage your API usage and avoid hitting rate limits.

RateLimit-Remaining: 219
RateLimit-Limit: 300
RateLimit-Reset: 2
RateLimit-Policy: 300;w=5;burst=330;comment="token bucket";category="trigger";cost="bulk";serviceLevel="free"
  • RateLimit-Remaining - Indicates the remaining number of request tokens in the current window.
  • RateLimit-Limit - Indicates the total number of request tokens available in the current window.
  • RateLimit-Reset - Indicates the number of seconds until the current window resets and the request token limit is fully replenished.
  • RateLimit-Policy - Defines the details of the applied rate limiting policy.
  • Retry-After - Specifies the number of seconds to wait before making another request.

Was this page helpful?