Mastodon
  • What is Mastodon?
  • Using Mastodon
    • Signing up for an account
    • Setting up your profile
    • Posting toots
    • Using the network features
    • Dealing with unwanted content
    • Promoting yourself and others
    • Set your preferences
    • More settings
    • Using Mastodon externally
    • Moving or leaving accounts
    • Running your own server
  • Running Mastodon
    • Preparing your machine
    • Installing from source
    • Configuring your environment
    • Installing optional features
      • Full-text search
      • Hidden services
      • Single Sign On
    • Setting up your new instance
    • Using the admin CLI
    • Upgrading to a new release
    • Backing up your server
    • Migrating to a new machine
    • Scaling up your server
    • Moderation actions
    • Troubleshooting errors
      • Database index corruption
  • Developing Mastodon apps
    • Getting started with the API
    • Playing with public data
    • Obtaining client app access
    • Logging in with an account
    • Guidelines and best practices
    • Libraries and implementations
  • Contributing to Mastodon
    • Technical overview
    • Setting up a dev environment
    • Code structure
    • Routes
    • Bug bounties and responsible disclosure
  • Spec compliance
    • ActivityPub
    • WebFinger
    • Security
    • Microformats
    • OAuth
    • Bearcaps
  • REST API
    • OAuth Scopes
    • Rate limits
  • API Methods
    • apps
      • oauth
    • accounts
      • bookmarks
      • favourites
      • mutes
      • blocks
      • domain_blocks
      • filters
      • reports
      • follow_requests
      • endorsements
      • featured_tags
      • preferences
      • suggestions
    • statuses
      • media
      • polls
      • scheduled_statuses
    • timelines
      • conversations
      • lists
      • markers
      • streaming
    • notifications
      • push
    • search
    • instance
      • trends
      • directory
      • custom_emojis
    • admin
    • announcements
    • proofs
    • oembed
  • API Entities
    • Account
    • Activity
    • Admin::Account
    • Admin::Report
    • Announcement
    • AnnouncementReaction
    • Application
    • Attachment
    • Card
    • Context
    • Conversation
    • Emoji
    • Error
    • FeaturedTag
    • Field
    • Filter
    • History
    • IdentityProof
    • Instance
    • List
    • Marker
    • Mention
    • Notification
    • Poll
    • Preferences
    • PushSubscription
    • Relationship
    • Report
    • Results
    • ScheduledStatus
    • Source
    • Status
    • Tag
    • Token

Rate limits

Defining how often you can hit the REST API

Rate limit information is returned in the response headers:

HeaderDescription
X-RateLimit-LimitNumber of requests permitted per time period
X-RateLimit-RemainingNumber of requests you can still make
X-RateLimit-ResetTimestamp when your rate limit will reset
Mind that an API method can be subject to multiple overlapping rate limits. The headers return information about the one you are closest to exceeding.

Here is a list of various rate limits:

EndpointBucketTime periodLimitLimit type
* /api/*Account access5 minutes300Account
* /api/*IP access5 minutes300IP
POST /api/v1/accountsApp sign-up30 minutes5IP
POST /api/v1/mediaUploading30 minutes30Account
DELETE /api/v1/statuses/:idDeletion30 minutes30Account
POST /api/v1/statuses/:id/unreblogDeletion30 minutes30Account

Last updated March 5, 2020 · Improve this page