Rate limiting


This page only applies to the pretix Hosted service at pretix.eu. APIs of custom pretix installations do not enforce any rate limiting by default.

All authenticated requests to pretix’ API are rate limited. If you exceed the limits, you will receive a response with HTTP status code 429 Too Many Requests. This response will have a Retry-After header, containing the number of seconds you are supposed to wait until you try again. We expect that all API clients respect this. If you continue to burst requests after a 429 status code, we might get in touch with you or, in extreme cases, disable your API access.

Currently, the following rate limits apply:

Authentication method

Rate limit

Device authentication

360 requests per minute per device

Token-based authentication

360 requests per minute per organizer account

OAuth authentication / “Connect with pretix”

360 requests per minute per combination of accessed organizer and OAuth application

Session authentication

Not an officially supported authentication method for external access

If you require a higher rate limit, please get in touch at support@pretix.eu and tell us about your use case, we are sure we can work something out.