Rate limiting

To ensure quality service and to prevent abuse, Kustomer limits the number of API requests that can be made in a short period of time. API rate limits differ by pricing tier. For more information on our pricing tiers, see our pricing plans. To help you track your rate limit usage, we include headers in API responses that include your current rate limiting status:


The API rate limit is applied across all API tokens configured for your organization. The default rate limit interval is 60 seconds.

Rate limits by pricing plan

PlanRate Limit

The following rate limits are set up across the platform:

Standard API limits

  • For machine users, the limit is 300 rpm for Professional, 500 rpm for Business, 1,000 rpm for Enterprise, and 2,000 rpm for Ultimate.
    • This limit is counted against the sum of requests through the API across the entire platform, regardless the endpoint or target object.
    • This limit is for for API keys such as backend integrations, and includes requests that pass through the API like bulk requests, paginated requests, and agent actions.
    • This limit does not apply to workflows and business rules, which do not pass through the API.
  • Non-machine (human) users that are using the app have a limit of 1,000 rpm.

Webhooks / form hooks

  • Webhooks and form hooks have an independent rate limit of 1,000 rpm.
  • Webhooks have a body size limit of 400kb, including whitespace.

Standard integrations

  • Standard integrations that we offer for inbound/outbound message processing (such as Postmark for email, Twilio for SMS, Facebook Messenger, or Twitter) are not rate-limited by organization.
  • However, some of these integrations are limited in other ways. For example, Postmark limits the number of inbound emails from the same email address to 20 per hour to prevent an auto-reply loop.

Object-specific rate limits

  • Any conversation/company/message object record can be updated 100 times in 10 minutes. This also applies to internal updates to a single customer record (such as via workflow).
    • Customer via API is the only exception to this rule. A single customer can be updated via the API 600 times in 10 minutes.
  • A single request has the potential to incur a count against both the standard API limit and object-specific rate limit thresholds, such as an API request to update an object.

Workflow executions

  • Workflow executions are limited to 1,000 requests per 30 second per event type (for example, Conversation update). This is to prevent infinitely looping workflows.

Rate limit headers

We strongly recommend that you use the following rate limit headers to ensure your requests are not rate limited:

  • x-ratelimit-limit: The maximum rate limit within the rate limit interval.
  • x-ratelimit-remaining : The remaining number of requests in the current rate limit window.
  • x-ratelimit-reset: The header returned when the rate limit has been exceeded. Represents the time (in UTC epoch seconds) when the rate limit window will reset.

Object rate limit headers

In addition to the general API rate limits described above, there are object rate limits that apply when a given user tries to update a specific resource in Kustomer.

  • A single Kustomer user can update a given Customer, Conversation, Company, Message, or custom object up to 50 times within a 10 minute interval.
  • A single Kustomer user can create up to 120 drafts, messages, conversations, notes, or custom objects for a single customer in a minute.

The Kustomer API will return the following headers on rate-limited requests: x-ratelimit-object-limit, x-ratelimit-object-remaining, and x-ratelimit-object-reset. See the Rate limit headers section for header descriptions.

Rate limit response

In your requests exceed the API rate limit for your plan, the Kustomer API will return a response with an HTTP status of 429 Too Many Requests.