Rate Limiting

To help ensure stability and access to our cloud network for all integrators, PayJunction enforces a strict rate limiting policy for all API connections. By default PayJunction limits requests to 1 every 100 milliseconds.

Scenarios known to cause rate limiting


When using the cURL library for processing HTTP requests on PHP platforms, it is a common error to set the CUROPT_HTTPAUTH option to CURLAUTH_ANY. Without specifying the authentication method to use, cURL first sends the request without authentication and then looks at the authentication challenge from the server to tell which method it should use before sending the authentication data in a second request. If the second request is received within 100 milliseconds of the first, it will be blocked by the rate limit. To prevent this, use CURLAUTH_BASIC instead:


curl_setopt($this->curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);


curl_setopt($this->curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);

.Net Platforms

The library used in .Net to make HTTP requests handles authentication in the same way that CURLAUTH_ANY does by sending a request first to determine what authentication method to use. To prevent this, manually set the Authorization header instead of using the NetworkCredential class as shown here:

Dim request As HttpWebRequest
request.Headers("Authorization") = "Basic " & Convert.ToBase64String(Encoding.[Default].GetBytes(Convert.ToString(login & Convert.ToString(":")) & password))