> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lasscyber.com/llms.txt
> Use this file to discover all available pages before exploring further.

# rate_limit_exceeded

> HTTP 429 — the tenant has exceeded its per-minute or per-month request budget.

|                 |                                                    |
| --------------- | -------------------------------------------------- |
| **HTTP status** | `429 Too Many Requests`                            |
| **Code**        | `rate_limit_exceeded`                              |
| **Retry?**      | Yes — sleep for `Retry-After` seconds, then retry. |

## When this happens

The tenant has exceeded the rate limit for the called route group. Both
analyzer endpoints and administrative endpoints have separate budgets;
the response detail tells you which.

## Example response

```http theme={null}
HTTP/1.1 429 Too Many Requests
Retry-After: 30
X-RateLimit-Limit: 100
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 1762000060
```

```json theme={null}
{
  "detail": "Rate limit exceeded for analysis endpoints. Limit: 100/minute.",
  "code": "rate_limit_exceeded",
  "request_id": "5b3f6c7e-7d24-4d40-9b12-3a59c01c6e91",
  "doc_url": "https://docs.lasscyber.com/errors/rate_limit_exceeded"
}
```

## How to recover

1. Read `Retry-After` (seconds).
2. Sleep for that many seconds (with a small jitter to avoid
   thundering-herd retries when many callers hit the limit at once).
3. Retry the request.

The official SDKs do this automatically up to a configurable retry
ceiling.

## How to avoid the limit

* **Distribute heavy workloads.** Two API keys in the same tenant
  share a budget, so multiple keys do not raise the ceiling — they
  just give you better attribution.
* **Use the smaller `default-permissive` policy when shadow testing.**
  Permissive policies still cost an analyzer call; if you are running
  shadow analysis on every prompt, plan capacity for it.
* **Watch `X-RateLimit-Remaining`.** Charting this over time tells
  you when you are approaching the ceiling.
* **Upgrade your plan.** See
  [Billing](/administration/billing) for the included rates per tier
  and email
  [`sales@lasscyber.com`](mailto:sales@lasscyber.com) for higher
  custom limits.

## SDK behaviour

| SDK        | Exception                                      |
| ---------- | ---------------------------------------------- |
| Python     | `agnes.RateLimitError` with `retry_after: int` |
| TypeScript | `RateLimitError` with `retryAfter: number`     |

SDKs sleep for `retry_after` and retry automatically. If retries are
exhausted, the SDK raises `RateLimitError` with the latest
`request_id`.

## Related

* [Rate limits](/api-reference/rate-limits)
* [Billing](/administration/billing)
