API rate limits

For uninterrupted access to BILL API services, follow the API rate limit rules and use exponential backoff to space out your API requests.

What is an API rate limit?

An API rate limit is the number of API requests your solution or users can make within a given time period.

LimitDescription
API rate limitThe number of API requests per developer key per hour
API concurrent rate limitThe number of simultaneous API requests per developer key per organization

BILL API rate limits

The rate limit for BILL API requests per developer key per hour is 20000.

❗️

IMPORTANT

There are special cases for the BILL API rate limits. The API login (POST /v3/login) rate limit is 200 per developer key per hour.

For all endpoints that result in a text message or email being sent to a user, the rate limit is 5 per minute.

Special cases
API login: POST /v3/login
Generate MFA challenge: POST /v3/mfa/challenge
Send an invoice: POST /v3/invoices/{invoiceId}/email
Invite a customer in the BILL network: POST /v3/network/invitation/customer/{customerId}
Invite a vendor in the BILL network: POST /v3/network/invitation/vendor/{vendorId}

When you reach this limit, you receive the BDC_1144 error. All subsequent API requests must wait until the beginning of the next hour.

[
    {
        "timestamp": "2024-12-25T00:00:00.000+00:00",
        "code": "BDC_1144",
        "severity": "ERROR",
        "category": "DOWNSTREAM",
        "message": "Max number of allowed requests per hour reached: 20000."
    }
]

BILL API concurrent rate limits

The concurrent rate limit for BILL API requests per developer key per organization is 3.

When you reach this limit, you receive the BDC_1322 error. All subsequent API requests fail until one concurrent request is completed.

[
    {
        "timestamp": "2024-12-25T00:00:00.000+00:00",
        "code": "BDC_1322",
        "severity": "ERROR",
        "category": "DOWNSTREAM",
        "message": "Max number of concurrent requests per organization reached."
    }
]

Implementing exponential backoff

Implement exponential backoff in your code and appropriately space out your API requests to avoid hitting the BILL rate limits and concurrent rate limits.

In this Python example, when you hit the BILL rate limits and receive the BDC_1144 error, the time.sleep() function is used to set a backoff in seconds before retrying the API request.

The delay in seconds is calculated as 2 ^ (number of unsuccessful retries).

📘

NOTE

In the example, max_retry is set as 12 for the maximum possible backoff time in seconds to go past one hour. For BILL rate limits, this logic ensures that all subsequent API requests wait until the beginning of the next hour.

import time, requests, json

# Set your session ID & developer key
session_id = "set_your_session_id"
developer_key = "set_your_developer_key"

headers = {
  "Accept": "application/json",
  "Content-Type": "application/json",
  "sessionId": session_id,
  "devKey": developer_key
}

max_retry = 12
retry = 0

while retry < max_retry:
  # Make a BILL API call (Get list of vendors)
  url = "https://gateway.stage.bill.com/connect/v3/vendors"

  result = requests.get(url, headers=headers)
    
  # If not rate limited, break & continue with your code logic
  if json.loads(result.text)[0]['code'] != "BDC_1144":
    break
  else:
    # If rate limited, add exponential backoff
    time.sleep(2 ** retry)
    retry = retry + 1