Rate Limits
The VisitNote API enforces rate limits to ensure fair usage and platform stability. Rate limits are applied per-user based on the authenticated JWT token.
Current Limits
| Tier | Rate Limit | Window |
|---|---|---|
| General API | 60 requests | Per minute |
| Auth endpoints | 10 requests | Per minute |
| File uploads | 10 requests | Per minute |
| AI processing | 5 requests | Per minute |
Rate Limit Headers
Responses include rate limit headers when available:
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 45
Retry-After: 30Exceeding Limits
When you exceed the rate limit, the API returns a 429 Too Many Requests response:
{
"status": false,
"message": "Too many requests. Please try again later."
}Best Practices
- Cache responses — Store data locally and refresh only when needed. Many endpoints return data that changes infrequently.
- Use pagination — Request only the data you need using
per_pageandpageparameters. - Batch operations — Group related data updates instead of making individual requests.
- Exponential backoff — When you receive a 429, wait the duration specified in
Retry-Afterbefore retrying. - Use WebSocket for real-time — For messaging and notifications, use the Socket.IO connection instead of polling REST endpoints.
Organization Limits
Organizations with high-volume integration needs can request custom rate limits. Contact us to discuss enterprise rate limits for your integration.