SiteError.comYour friendly guide to HTTP status codes
Status CodesBlog
  1. Home
  2. 4xx Client Error
  3. 429 Too Many Requests

429 Too Many Requests

🚦
429
Too Many Requests
!
?

Example HTTP Response

HTTP Response
HTTP/1.1 429 Too Many Requests
Retry-After: 3600

{"error": "Rate limit exceeded"}
Common Causes
  • API rate limit exceeded
  • Too many login attempts
  • Aggressive scraping detected
Technical Details

What does this mean?

Whoa, slow down there! You're hitting refresh like there's a prize. Take a breather and try again later.

Technical Definition

The user has sent too many requests in a given amount of time (rate limiting).

RFC Says

"The 429 (Too Many Requests) status code indicates that the user has sent too many requests in a given amount of time ('rate limiting'). The response representations SHOULD include details explaining the condition, and MAY include a Retry-After header indicating how long to wait before making a new request."

Plain English:

429 means 'Slow down! You're making too many requests too quickly.' This is the standard rate limiting response. Include a Retry-After header to tell clients when they can try again, and ideally include headers like X-RateLimit-Limit and X-RateLimit-Remaining to help clients stay within limits.

Common Misinterpretation

Always include helpful headers with 429: Retry-After (when to retry), X-RateLimit-Limit (max requests allowed), X-RateLimit-Remaining (how many are left), and X-RateLimit-Reset (when the limit resets). Don't just return 429 with no guidance.

View RFC Documentation
Code Snippets

Ready-to-use code for returning this HTTP status in your application:

Node.js
// Express.js
app.get('/example', (req, res) => {
  res.status(429).json({
    error: 'Too Many Requests',
    message: 'Your error message here'
  });
});

// Native HTTP
const http = require('http');

http.createServer((req, res) => {
  res.writeHead(429, { 'Content-Type': 'application/json' });
  res.end(JSON.stringify({
    error: 'Too Many Requests',
    message: 'Your error message here'
  }));
}).listen(3000);
When to Use This Code
  • Client has exceeded their request quota/rate limit
  • Protecting against abuse, scraping, or brute force attacks
  • Include Retry-After header with seconds or date to wait
  • Use 503 when the entire service is overloaded, not just one client
From the Blog

  • Understanding 429 Too Many Requests: Rate Limiting Done Right

    A deep dive into HTTP 429 Too Many Requests — why rate limiting matters, how to implement it on the server, and how to handle it gracefully as a client.

    8 min read
Related Status Codes
🔧503Service Unavailable

429 Too Many Requests FAQ

What causes a 429 Too Many Requests error?

API rate limit exceeded. Too many login attempts. Aggressive scraping detected.

When should I use 429 Too Many Requests?

Client has exceeded their request quota/rate limit. Protecting against abuse, scraping, or brute force attacks. Include Retry-After header with seconds or date to wait. Use 503 when the entire service is overloaded, not just one client.

428 Precondition Required431 Request Header Fields Too Large

Popular Status Codes

  • 200 OK
  • 301 Moved Permanently
  • 302 Found
  • 400 Bad Request
  • 401 Unauthorized
  • 403 Forbidden
  • 404 Not Found
  • 500 Internal Server Error
  • 502 Bad Gateway
  • 503 Service Unavailable

Compare Codes

  • 401 vs 403
  • 301 vs 302
  • 404 vs 410
  • 500 vs 502
  • Compare any codes →

Categories

  • Informational
  • Success
  • Redirection
  • Client Error
  • Server Error
  • NGINX
  • Cloudflare
  • AWS ELB
  • Microsoft IIS

Tools

  • Cheat Sheet
  • Status Code Quiz
  • URL Checker
  • API Playground
  • Blog

© 2026 SiteError.com. All rights reserved.