Rate limiting lets you control the maximum number of webhooks delivered to your endpoint per second. This protects your systems from being overwhelmed during high-traffic periods.
How It Works
When you set a rate limit on an endpoint:
- Webhooks are queued for delivery
- Delivery is throttled to stay within your limit
- Excess webhooks are held and delivered as capacity becomes available
This smooths out traffic spikes, ensuring your endpoint receives webhooks at a manageable pace.
Setting a Rate Limit
You can configure rate limiting when creating or editing an endpoint:
- Go to the Webhooks settings in your dashboard
- Click on an endpoint or create a new one
- In the Advanced settings, set your Rate Limit
- Enter the maximum messages per second
- Save your changes
Choosing a Rate Limit
Consider these factors when setting your limit:
| Factor | Recommendation |
|---|
| Server capacity | Start with what your server can handle comfortably |
| Processing time | If each webhook takes 100ms to process, limit to ~10/second |
| Concurrent workers | More workers = higher sustainable rate |
| Peak traffic | Account for busy periods (lunch rush, promotions) |
Example Limits
- Small server / Simple processing: 10-50 per second
- Medium infrastructure: 100-500 per second
- High-capacity systems: 1,000+ per second
Important Considerations
Queue Buildup
If you consistently receive more webhooks than your rate limit allows, a backlog will form. For example:
- Rate limit: 100/second
- Incoming rate: 200/second
- Result: Queue grows, increasing delivery delays
If your webhook volume consistently exceeds your rate limit, webhooks will be delayed. Monitor your endpoint and increase the limit if needed.
Retries and Rate Limits
Rate limits apply to all deliveries, including retries. A low rate limit combined with many retries could delay new webhooks.
When to Use Rate Limiting
Rate limiting is useful when:
- Your endpoint has limited capacity - Prevent overload during busy periods
- Processing is resource-intensive - Each webhook triggers heavy operations
- Third-party dependencies - Your handler calls rate-limited external APIs
- Shared infrastructure - Webhook processing competes with other services
Start with a conservative rate limit and increase it as you understand your system’s capacity. It’s easier to raise a limit than recover from an overloaded server.
