Rate limits

iLive enforces a per-API-key rate limit on every /api/v2/* request. Limits are counted in two windows — requests per second (RPS) and requests per minute (RPM) — and the tighter of the two wins.

Tiers

Every key is assigned a tier when it's issued. The presets are:

Tier	RPM	RPS	Typical throughput	Best for
Standard	600	50	~36 k requests/hour	Most production workloads, onboarding, lookups.
High	6 000	200	~360 k requests/hour	Bulk indexing, high-volume search, large-scale dedupe jobs.
Unlimited	0	0	No cap	Reserved for specific enterprise agreements.

A limit of 0 means "no cap in that window." The unlimited tier disables both windows; it is not the default and has to be provisioned by support.

How the limiter works

Per API key. Separate keys on the same account have independent budgets, so you can carve off traffic classes by minting more keys.
Token bucket. The limiter uses a rolling RPM window (minute slot) combined with a 1-second RPS window. The first violation in either window returns 429.
Multi-replica safe. When iLive is deployed with shared storage across replicas, counters are centralised so the limit is global, not per-process. Single-replica deployments use an in-memory counter.

429 response

When a key is over budget, the API returns:

HTTP/1.1 429 Too Many Requests
 
{ "detail": { "code": "rate_limited", "message": "API key rate limit exceeded" } }

Match on the rate_limited code — see Error codes for the full catalogue.

Recommended client backoff

When a call returns 429, retry with exponential backoff and jitter. A reasonable default:

First retry after 1 s ± 250 ms.
Double on each subsequent attempt (2 s, 4 s, 8 s, …).
Cap the wait at 30 s.
Give up after 5 retries and surface the error to your caller.

import asyncio, random
 
async def with_retry(call):
    for attempt in range(5):
        resp = await call()
        if resp.status_code != 429:
            return resp
        delay = min(30, (2 ** attempt)) + random.uniform(-0.25, 0.25)
        await asyncio.sleep(max(0.1, delay))
    resp.raise_for_status()

For steady-state bulk work, stay well below the posted limits rather than riding them — the jittered backoff is a safety net, not a sizing strategy.

Upgrading your tier

Need more headroom? Contact your iLive account manager or email support@iliveauth.com. Self-service tier management is on the portal roadmap. Include:

The API key ID (not the secret) or the tenant name.
Target RPM/RPS and a brief description of the workload.
Any hard deadlines (launch dates, data-migration windows).

Related: API keys · Error codes · Rate limiting guide.