Overview
Rate limits are applied per account and measured in requests per minute. When you exceed a limit, the API returns 429 Too Many Requests.
Your current rate limits are visible in the GET /me response under platform.rate_limits.
Default limits
Authenticated Lev API endpoints use two minute-level buckets on every request:
| API tier | Account-wide limit | Per-endpoint limit |
|---|---|---|
free | 30 requests/minute | 10 requests/minute |
standard | 100 requests/minute | 20 requests/minute |
enterprise | 500 requests/minute | 60 requests/minute |
The account-wide bucket is shared across all authenticated v2 endpoints for the active account. The per-endpoint bucket is keyed by account and endpoint, so one busy endpoint does not consume the whole account budget.
Your current tier and limits are visible in GET /me under platform.api_tier and platform.rate_limits.
Public unauthenticated endpoints use fixed limits:
| Endpoint | Limit |
|---|---|
POST /api/external/v2/auth/validate-api-key | 10 requests/minute |
GET /api/external/v2/health | 100 requests/minute |
Handling rate limits
When rate limited, the API returns:
{
"request_id": "...",
"error": {
"status": 429,
"type": "rate_limit_exceeded",
"message": "Per-minute API rate limit reached. Contact help@lev.com if you need a higher tier.",
"details": {},
"limit_type": "requests_per_minute",
"retry_after_seconds": 60
}
}Best practices:
- Implement exponential backoff — wait progressively longer between retries
- Use bulk endpoints where available instead of many individual requests
- Cache responses for data that doesn't change frequently (e.g., market data, asset types)
- Use sparse fieldsets to reduce payload sizes and improve response times
- Monitor your usage via the
GET /meendpoint to stay within limits