# Rate limits The [ev.energy](http://ev.energy) REST API uses rate limiting to prevent individual clients having a negative impact on other users of the service. All authenticated clients are limited to **1000 requests per hour** by default. The intention of this policy is to protect the service from unintentional or malicious usage that would have a negative impact on other users and we aim to **never restrict normal usage**. If the 1000 requests per hour default is likely to cause problems for you, particularly as your integration scales, please contact your account manager or email [developers@ev.energy](mailto:developers@ev.energy) and we can arrange a more appropriate limit. The hour is a rolling period, so if you make 1000 requests at 11:59, you cannot make any more until 12:59. (That is, the limit is not reset at the top of the hour.) Rate limiting is applied to each unique combination of OAuth application and user. For clients using the “authorisation code” method, this means each user will have their own rate limit. For clients using the “client credentials” method, this means all your requests will share the same limits. # Checking your rate limit status Every response from the API will include headers describing the status of rate limiting for your token: ```bash $ curl -i https://api.ev.energy/v2/users/ > HTTP/2 200 > x-ratelimit-limit: 1000 > x-ratelimit-remaining: 420 ``` In this example, the client has 420 of its 1000 requests remaining. # Exceeding the rate limit If you exceed the rate limit, you will receive a **429 Too Many Requests** status code response. It will also include the number of seconds until you can make another request in the `RetryAfter` header: ```bash $ curl -i https://api.ev.energy/v2/users/ > HTTP/2 429 > retry-after: 42 { "type": "https://api.ev.energy/v2/problems/rate-limit-exceeded/", "status": 429, "title": "Too many requests", "detail": "Request was rate limited. Try again in 42 seconds", } ``` In this example, the client has 42 seconds until it can make another request.