Rate limits
DigiCert APIs enforce a rate limit of 1000 requests per 3 minutes, along with a short-term rate limit of 100 requests per 5 seconds to protect against burst requests and prevent abuse.
Items to note:
Rate limits are based on the authenticated user's API key and are subject to change without notice.
Rate limits use a rolling time window, which means there's no specific interval at which rate limits reset. If you spread your requests properly, waiting a few seconds or minutes will restore API access.
What happens if requests exceed rate limits?
The 3-minute and short-term 5-second rate limits use a rolling time window. When you send a request, the service checks how many requests have occurred in the preceding 5 seconds and then checks the preceding 3 minutes. If the number of requests exceeds either rate limit, API access is temporarily blocked, and all requests return a 429 HTTP status code with this JSON response:
{ "errors": [ { "code": "request_limit_exceeded", "message": "Service unavailable, please limit request volume" } ] }