Rate Limits

The Vista API rate limits to 2,000 requests per minute. The rate limit resets every 60 seconds on a rolling basis. This limit is subject to change.

By limiting the number of API requests that can be issued from an API key, we are able to offer a more reliable service by protecting our own system infrastructure from being negatively affected.

When you Exceed the Limit

When you exceed the rate limit, the API returns an HTTP 429 Too Many Requests response. This response indicates that your application needs to slow down its request rate.

Example Response:

HTTP/1.1 429 Too Many Requests
Date: Tue, 19 Aug 2025 17:26:15 GMT
Content-Type: application/json
Content-Length: 83
Connection: keep-alive
Retry-After: 1

Connection #0 to host api-test.xchange.trimble.com left intact
{ "statusCode
": 429, "message": "Rate limit is exceeded. Try again in 1 seconds." }

The Retry-After header in the response specifies the number of seconds you should wait before sending another request. In the example above, the value is 1 second.

Best Practices

Follow these best practices to avoid your API requests from hitting the rate limit.

• Impose an upper bound on request cadence (for example, 1 req/sec or 5 req/sec) such that the rate limit is not encountered.
• Use an exponential retry/backoff policy to prevent the rate limit from being saturated if it is reached.
• Use endpoints that return or modify multiple records simultaneously, where possible, to accomplish more with fewer requests. For example, make one call to get all relevant Vendors instead of many calls getting specific Vendors.
• Cache responses where appropriate to avoid spending a call on retrieving the same data.
• Incorporate logic to gracefully handle a situation where rate limits are hit. Expect an HTTP 429 as a potential response and plan accordingly.