Rate limits

Rate limits are scoped on an application-user pair at 200 requests per minute. This means that you can make 200 calls per minute on behalf of each user/company that has connected your application. If you make more than 200 calls for a single user in the window, subsequent requests will return responses with the HTTP status 429: Too Many Requests until the window closes.

Excessive calls to the Gusto API over a short period of time are subject to rate limits. Rate limits are enforced in a 60-second rolling window. The window opens after your first API call and closes after 60 seconds has elapsed. A new window opens when you send your next API request.

API response headers

The following headers are now available to use when handling rate limiting programmatically:

HeaderDescription
'Retry-After'The number of seconds until the rate limit window resets
'X-RateLimit-Limit'The total number of requests allowed in the rate limit window
'X-RateLimit-Remaining'The number of requests remaining in the rate limit window
'X-RateLimit-Reset'The datetime when the rate limit window will reset

πŸ“˜

The 'Retry-After' header is only returned when you've hit your rate limit and have received a 429.