Skip to main content
The HASP AI API enforces three independent layers of rate limiting. All three must pass for a request to proceed.

Three-layer model

LayerScopePurpose
Per-key RPM/dailyPer API keyProtect the system from a single misbehaving key (buggy loop, leaked credential)
Per-org aggregate RPMPer org, across all keysPrevent load-spreading across many keys from overwhelming upstream capacity
Dollar spend capPer org, per billing cycleProtect the customer’s bill from runaway cost

Per-key limits

LimiterDeveloperGrowthScaleEnterprise
Requests per minute (ai:chat, ai:messages)60 RPM500 RPM2,000 RPMCustom
Daily requests5,00050,000500,000Custom

Per-org aggregate limits

LimiterDeveloperGrowthScaleEnterprise
Org RPM (all keys combined)1802,50010,000Custom

Response headers

Every AI response includes rate limit headers: 
X-RateLimit-Limit-Requests: 60
X-RateLimit-Remaining-Requests: 47
X-RateLimit-Reset-Requests: 1746374520
On AI endpoints, token-level headers are also included: 
X-RateLimit-Limit-Tokens: 100000
X-RateLimit-Remaining-Tokens: 83250
X-RateLimit-Reset-Tokens: 1746374520
The reset values are Unix timestamps (seconds).

429 response

When a limit is hit, the response is: 
{
  "success": false,
  "error": {
    "code": "RATE_LIMITED",
    "type": "rate_limited",
    "message": "Rate limit exceeded. Retry after 12 seconds.",
    "retryable": true,
    "details": {
      "retry_after_seconds": 12
    },
    "request_id": "req_..."
  }
}
The Retry-After header (RFC 6585) is also set to the same value.

Spend cap (budget)

A dollar spend cap is a separate limit from RPM — it protects against overspending across a billing cycle, not against burst traffic. When the cap is reached, requests return 402 AI_CREDITS_EXHAUSTED: 
{
  "error": {
    "code": "AI_CREDITS_EXHAUSTED",
    "type": "payment_required",
    "details": {
      "cycle_reset_at": "2026-06-01T00:00:00Z"
    }
  }
}
Spend caps are configured in Settings → Billing → Spend Cap (budget management via API is a future phase).

API tier entry point

The API ladder starts at the Developer tier — there is no Starter or free API tier. New accounts get a 30-day / 50,000 credit free evaluation that covers both the Platform and AI API. After evaluation, a Developer or higher plan is required for continued AI API access.