Rate Limits
Understand request rate limits and plan-based usage caps.
Request Rate Limits
Every API endpoint is rate-limited per bearer token (or per IP for unauthenticated requests). Limits reset every 60 seconds.
| Endpoint | Limit | Notes |
|---|---|---|
POST /authorize | 10 requests / min | Token generation — you only need one token per hour |
| All other endpoints | 60 requests / min | /upload, /convert, /extract, /job/:id, etc. |
When you exceed the limit, the API returns:
{
"statusCode": 429,
"error": "Too Many Requests",
"message": "Rate limit exceeded, retry in 42 seconds"
}The response includes a Retry-After header with the number of seconds to wait.
Plan-Based Usage Limits
In addition to request rate limits, each plan has monthly operation caps and concurrency limits:
| Free | Starter ($29/mo) | Pro ($79/mo) | |
|---|---|---|---|
| Monthly operations | 50 | 5,000 | 25,000 |
| Concurrent jobs | 3 | 20 | 50 |
| API keys | 2 | 10 | 25 |
| Max file size | 25 MB | 25 MB | 25 MB |
Monthly usage
Each call to /upload, /convert, or /extract counts as one operation. Usage resets on the first of each month. When you hit your limit:
{
"error": "Monthly usage limit reached (50). Upgrade your plan for more."
}Concurrent jobs
This limits how many jobs can be in queued or processing state at the same time. If you hit the limit:
{
"error": "Too many active jobs (3/3). Wait for current jobs to finish."
}Best Practices
- •Reuse bearer tokens — they last 1 hour. Don't call
/authorizebefore every request. - •Poll with backoff — when checking job status, wait 1-2 seconds between polls instead of hammering
/job/:id. - •Batch uploads first — upload all files, then submit conversion/extraction jobs for each.
- •Handle 429 gracefully — check the
Retry-Afterheader and wait before retrying.