Too Many Requests — the client exceeded the allowed request rate
What 429 Means
The 429 error on the HTTP Status-Codes indicates too many requests — the client exceeded the allowed request rate. This typically occurs due to burst of api calls exceeds the configured rate limit.
A 429 Too Many Requests response indicates that the server is intentionally throttling the client because it exceeded an allowed request rate. The server is available, but it is limiting throughput for a specific user, token, IP address, or session. Many implementations pair 429 with a Retry-After header to signal when the client will be allowed to make requests again under the current rate-limiting policy.
Technical Background
A 429 response reflects deliberate request shaping rather than an accidental outage. The service is reachable, but it is enforcing fairness, abuse prevention, or infrastructure protection limits against the request source.
That makes 429 different from 503. A 503 points to temporary service unavailability or overload at the server level, while a 429 points to a quota or throttle that applies to a particular client identity, token, session, or IP address.
Common Causes
- Burst of API calls exceeds the configured rate limit
- Repeated login attempts trigger throttling rules
- Shared IP address exceeds a request quota
- Crawler or bot traffic crosses the allowed threshold
Typical Scenarios
- A script sends API requests faster than the published quota allows
- A shared office IP triggers throttling after many users hit the same endpoint
- A login or verification flow blocks repeated attempts within a short window
What to Know
A 429 is usually temporary and scoped to the entity being limited rather than to the whole site. If only one API key, user account, or IP range sees the error, the service may still be healthy for everyone else while the rate-limiting window remains active.
Frequently Asked Questions
Common questions about HTTP 429 error
No. It usually means the service is available but actively throttling a specific client, session, token, or IP address that exceeded an allowed rate.
A 429 is a rate-limit response aimed at a particular requester. A 503 is a broader availability signal that the service itself is overloaded or temporarily unavailable.
Many rate limiters count requests per IP address. When multiple users or systems send traffic through the same address, they can collectively exceed the allowed quota and trigger 429 responses.