API Rate Limiting

turbine cloud enforces rate limits to ensure platform stability and fair usage across all tenants at a glance standard api rate limit the global rate limit applies to any http request through the public load balancer — including api calls, playbook actions, and ui requests scope — user hash the rate limit is calculated per unique combination of authentication method and source ip if a playbook makes anonymous outbound http calls, those requests are sourced from the region's shared egress ip and count toward the rate limit pool for that ip webhook rate limit webhooks have a dedicated rate limit enforced separately from the standard api limit 100 requests/minute per tenant for mssp or multi tenant architectures where a central tenant sends webhook requests to customer tenants, each tenant's webhook traffic is rate limited independently rate limit behavior when a rate limit is exceeded, the api returns a 429 too many requests response implement exponential backoff and retry logic in your integrations to handle rate limiting gracefully