A limit of 100 requests can be made per minute per company. If this request limit is exceeded, the API will return HTTP 429 (Request Limit Reached) with the message “Your IP address has exceeded the allowed number of transactions per minute and has been blocked for 1 hour”. Your IP address will be blocked for 1 hour. It is advisable to make no more than one request per second to avoid this.
A limit of 5,000 requests can be made per day per company. Although these limits are not currently enforced, please consider this limit when calling the API.
Failed Login Attempts
A limit of 20 failed login attempts can be made per hour through the API. If this request limit is exceeded, the API will return HTTP 429 (Request Limit Reached) with the message “Your Username has exceeded the allowed number of login attempts and has been blocked for 24 hours”. The Username will be blocked for 24 hours.
Encountering a rate limit
Accounts are temporarily blocked if a request limit is exceeded. Accounts will be blocked based on the API Key, Company Id and User. being blocked in one company will not block you from making calls in other companies.
Accounts are automatically unblocked within an hour. Do not continue to make requests as this may extended the blocking period.
If you encounter a limit, do not continue to make requests as this may extend the blocking period. Queue Requests until the block is lifted.
Sage One API Rate Limits
1. The Sage One API is intended for add-ons that are complementary to Sage One accounting – supplying additional features to small business owners running Sage One.
2. The Sage One API is based on a fair usage policy and is not intended for businesses doing large billing runs i.e. using Sage One as a billing engine, or mass data storage.
3. Usage limits for the API:
3.1 A limit of 100 requests per minute per company will be applied. If this request limit is exceeded, the API will return HTTP 429 (Request Limit Reached) with the message “Your IP address has exceeded the allowed number of transactions per minute and has been blocked for 1 hour”. If this happens, your IP address will be blocked for 1 hour. As a precautionary measure, it is advisable that you do not make more than one request per second.
3.2 A limit of 2,500 requests per day per company will be applied. These limits will be strictly enforced.
3.3 Sage One is an Accounting application for small businesses. Intended fair usage limits per company are as follows:
- 3 000 Customers
- 3 000 Suppliers
- 5 000 Items
- 1 000 Customer Invoices per month
- 1 000 Supplier Invoices per month
- 2 000 Bank Transactions per month
NOTE: Users will experience performance issues, in particular with reporting, with companies that exceed reasonable usage as stipulated above.
4. The Sage One API and all users using the Sage One API are limited to a finite pool of resources. Should these resources be exceeded, in order to maintain the performance and stability of the Sage One Accounting application, resource governing will take place. This will affect all Sage One API users.
5. While all Sage One API calls are limited per minute and per day, some Sage One API calls are a lot heavier
than others are. These calls will have a significant impact on the Sage One service as a whole, if used too frequently. The Sage One API calls listed in this section are to be kept to a minimum – as excessive use of these calls will mean performance degradation. If excessive use of these calls are detected, Sage One API keys will be blocked without warning.
This list incudes, but is not limited to;
- Detailed Ledger Transactions
- Customer and Supplier Ageing
- Customer and Supplier Statements
- Account Balances
- Cash Movement
- Item Movement
- Outstanding Customer and Supplier Documents
- All Transaction Listings
- All Allocations
- Take On Balances
- Trial Balances
- Tax Reports
6. Sage One reserves the right to revisit all limits pertaining to their API and general fair usage