Rate Limits
To ensure the stability of the platform and fair usage for all users, the QuBit API imposes limits on request frequency. If you send too many requests in a short period, your connection may be temporarily blocked.
We employ a multi-layered rate limiting model. A request must pass through all layers of validation to be successfully processed by the server.
REST API Rate Limits
1. IP Layer Limit
This is the most basic protection layer, applied to all IP addresses accessing our servers.
Rule: A single IP address is limited to 1200 requests per minute.
Scope: This limit applies to all users (both authenticated and unauthenticated) and all endpoints originating from that IP.
2. API Key Layer Limit
To prevent the abuse of a single API Key, we set a basic request rate for each key.
Rule: A single API Key is limited to 10 requests per second.
Scope: Applies to every request made using that specific API Key.
3. UID + Request Weight Layer Limit (Primary)
This is the main and most granular limiting layer, calculated based on your User ID (UID) and the weight of each endpoint.
Rule: Each user (UID) has a total request weight quota of 1200 per minute.
How it works:
Every API endpoint is assigned a "weight" value. Lighter operations like queries have a low weight, while heavier operations like placing or canceling orders have a higher weight.
Each time you call an endpoint, the weight consumed by your UID within the current minute increases by the endpoint's weight value.
When the total consumed weight exceeds 1200 in a minute, all requests from all API Keys under your UID will be temporarily blocked until the next minute begins.
Example Endpoint Weights:
GET
/api/v1/common/instruments
2
Get instrument info
GET
/api/v1/asset/spot
5
Get spot account balance
GET
/api/v1/account/positions
5
Get positions
POST
/api/v1/trade/order
10
Place an order
POST
/api/v1/trade/close-position
10
Close a position
POST
/api/v1/trade/cancel-batch-orders
15
Cancel batch orders
POST
/api/v1/account/set-leverage
5
Set leverage
WebSocket API Limits
Connection Limit: A maximum of 30 concurrent WebSocket connections are allowed per IP address.
Subscription Limit: A single WebSocket connection can subscribe to a maximum of 100 channels.
Exceeding the Limits
When your request triggers any rate limit, the server will immediately return an HTTP 429 Too Many Requests status code with a response body like this:
{
"code": "42901",
"msg": "Rate limit exceeded. UID weight limit reached.",
"data": {
"retryAfter": 15 // Suggested time in seconds to wait before retrying
}
}Response Headers
To help you manage your request rates programmatically, the response headers of every successful API request include the current rate limit status:
X-RATELIMIT-IP-REMAINING: The number of requests remaining for the IP layer in the current minute.X-RATELIMIT-KEY-REMAINING: The number of requests remaining for the API Key layer in the current second.X-RATELIMIT-UID-WEIGHT-USED: The total weight consumed by your UID in the current minute.
We strongly recommend monitoring these headers in your application to avoid being temporarily banned.
Last updated