Skip to main content

Rate Limits (Hard limits)

When executing requests to TagoIO, there is a limit on the number of requests that can be made during a given time period. These limits are applied in short intervals every minute to provide a reliable, scalable API for developers and to help prevent cyber attacks on our servers, such as DDoS.

Rate limits apply to a wide range of interactions within the platform, including—but not limited to—API endpoints, data sent from IoT devices via network protocols (MQTT, LoRaWAN, HTTP), data exports, dashboard visualizations, user interactions, and more. These limits are also known as hard limits.

note

Hard limits are used to prevent high-frequency usage beyond a healthy acceptable level; this is different than TagoIO services that are reset monthly. You still need to make sure you have enough resources to run your application.

info

TagoIO also enforces limits on the number of resources you can have and the amount of data displayed on your dashboards. Read more about Resource Limits and Data Output for Dashboards.

How it works

Rate limits, or hard limits, are enforced based on your account's plan. Each account tier has different rate limits for each API resource. The maximum number of requests allowed is based on a time interval, with a retry window when requests exceed the limit.

The limit for each request is applied every minute. If a user reaches their rate limit during a specific minute, they must wait until the next minute for the limit to reset before making additional requests. So if you reach the maximum rate at 12:45:09 PM, the next request can only be done after 12:46:00 PM.

The system aggregates all requests performed inside a Profile for each route. Therefore, if you reach the limit for a route, all future requests to that Profile and route will be denied during the period. For some specific routes, such as the Post and Get data from devices, you can configure the rate limit for each device separately.

tip

Check out the Control Tower add‑on.

Request Rate Limits

The following table lists the API resources for which the hard limit applies, the corresponding endpoint route, functions associated with the route, and limits for each plan. The values are given in RPM—requests per minute.

Maximum number of requests per minute allowed in each Profile

ResourceRouteFunctionFreeStarterScaleDEVICEPOST /DeviceCreate Device102505 000DEL /Device/:device_idDelete Device102505 000GET /deviceList Devices50100500GET /device/:device_idGet Device1001 0005 000GET /device/token/:device_idGet Device Token1001 0005 000GET /device/:device_id/data_amountGet Device Data Amount1001 0005 000GET /device/:device_id/chunkGet Device Chunk1001 00015 000GET /device/paramsGet Device Params1001 0005 000GET /device/params/:device_idGet Device Params1001 0005 000PUT /device/:device_idEdit Device502502 000POST /device/tokenCreate Device Token502502 000DEL device/token/:tokenDelete Device Token502502 000POST /device/:device_id/convertConvert Device502502 000POST /device/:device_id/emptyEmpty Device502502 000POST /device/:device_id/chunk/copyExport Device Chunk502502 000DEL /device/:device_id/chunk/:chunk_idDelete Device Chunk502502 000DATAGET /dataGet Device Data [*]2505 00015 000POST /dataSend Device Data [*]2505 00015 000PUT /dataEdit Device Data602501 000DEL /dataDelete Device Data602501 000GET /data?query=aggregateGet Device Data with Query Aggregate510100ACCOUNTPUT /accountEdit TagoIO Account50100500GET /accountGet TagoIO Account50100500...............ANALYSISPOST /analysisCreate Analysis601001 000PUT /analysis/:analysis_idEdit Analysis601001 000DEL /analysis/:analysis_idRemove Analysis601001 000POST /analysis/:analysis_id/uploadAnalysis Upload Script601001 000GET /analysisGet Analysis List601 0002 000...............ACTIONPOST /actionCreate Action601001 000PUT /action/:action_idEdit Action601001 000DEL /action/:action_idRemove Action601001 000DASHBOARDPOST /dashboardCreate Dashboard601001 000PUT /dashboard/:dashboard_idEdit Dashboard601001 000DEL /dashboard/:dashboard_idRemove Dashboard601001 000...............FILESPOST /filesCreate Files60100200PUT /filesEdit Files60100200DEL /filesRemove Files60100200...............PROFILEPOST /profileCreate Profile60100200PUT /profile/:profile_idEdit Profile60100200DEL /profile/:profile_idRemove Profile60100200...............NOTIFICATIONPOST /notificationCreate Notification601001 000PUT /notification/:notification_id/:btn_idEdit Notification601001 000...............RUN NOTIFICATIONPOST run/notificationCreate RUN Notification601001 000...............RUNPOST /run/usersCreate Run User601001 000PUT /run/users/:user_idEdit Run User601001 000...............AMPOST /amCreate Access Management60100200PUT /am/:am_idEdit Access Management60100200...............TAGSGET /tags/keys/:typeGet Tags Resource601001 000TOKEN INFOGET /infoGet Token Info605 00010 000INTEGRATIONPOST /integration/networkCreate Integration Network60100500...............AUTHORIZATIONPOST /serviceauthCreate Authorization Code60100200...............DICTIONARYPOST /dictionaryCreate Dictionary60100200...............TEMPLATEPOST /templateCreate Template60100100TCOREPOST /tcore/instanceCreate TCore60100100...............MQTTPublish-PublishMQTT payload to TagoIO broker2505 00015 000Subscribe-ReceiveMQTT payload from TagoIO broker2505 00015 000Connection-Connect to TagoIO broker20100200BACKUPPOST /backupCreate BackupN/A55GET /backupList BackupsN/A50100GET /backup/:backup_id/urlDownload BackupN/A1020DEL /backup/:backup_idDelete BackupN/A1020

[*] You may also be able to adjust the limit individually per device depending on your plan. Check out our Control Tower add‑on.

tip

If, for some special reason, your requirements exceed the limits in the table, consider upgrading your plan to Scale. If you are already on the Scale plan, take a look at the enterprise version TagoDeploy, or please contact us through support@tago.io.

Response code

When a hard limit has been exceeded, TagoIO will return an HTTP 429 “Too Many Requests” error. Additionally, you can examine the response body to check the remaining retry window in seconds (Retry-After : seconds). The following error will be returned in the response body:

{ "status": false, "message": "Too many requests (Retry-After: 8)" }

If you need help adapting your project to these hard limits, try our Community.

Rate limits usage monitoring

You can monitor the hard limits for each function by accessing the profile menu located in the top left corner of your Admin page and selecting the Hard Limits option. If the Control Tower add‑on is active in your account, you will have the ability to view historical and detailed statistics of your usage for Hard Limits, providing insights into your requests per minute.