Fidro enforces two types of limits to ensure fair usage and service reliability.
Per-minute rate limit
Limit: 60 requests per minute per API key.
This applies to all endpoints. If you exceed it, you'll receive a 429 Too Many Requests response.
How to handle it:
- Implement exponential backoff (wait 1s, 2s, 4s between retries)
- If you're hitting this limit regularly, spread requests across multiple API keys or batch them
Monthly quota
Your monthly quota depends on your plan:
| Plan | Requests per month |
|---|---|
| Free | 200 |
| Starter | 5,000 |
| Pro | 50,000 |
| Enterprise | Custom |
When you exceed your monthly quota, all requests return a 429 with the rate_limit_error type and details about your current usage.
What counts toward quota:
- Live API key requests only (test key requests are free)
- All endpoints:
/api/validate,/api/ip/{ip},/api/blocklist - Both successful and failed validation requests
What doesn't count:
- Requests made with test API keys
/api/statushealth checks- Cached responses (still count toward quota)
Checking your usage
Visit Account Settings to see your current usage, remaining requests, and when the quota resets (first of each month).
The API also returns quota info when you exceed it:
{
"error": {
"type": "rate_limit_error",
"limits": {
"max_requests_per_month": 5000,
"current_usage": 5000,
"period_start": "2026-03-01T00:00:00Z"
}
}
}
Tips for staying within limits
- Cache results — If you validate the same email/IP combination multiple times, cache the Fidro response for 24 hours
- Skip internal users — Don't validate your own team's logins
- Validate at signup only — Don't re-validate on every login unless you have reason to
- Use test keys for development — Test keys don't count toward your quota