Skip to main content
The ClickTerm API applies rate limits to ensure fair usage and platform stability.

Limits

Endpoint typeRate limitBilling
POST /clickwrap/verify1,000 requests per hour (per app + IP). Also subject to your plan’s event quota.Counted toward billing
GET endpoints (clickwrap, customizations)1,000 requests per hour (per app + IP)Free
GET endpoints (events, certificates)No explicit rate limitFree
SDK requests (ClicktermDialog.show())No explicit rate limitFree
Only POST /clickwrap/verify calls count toward your billing. All other requests are free. See clickterm.com/pricing for pricing details.

Rate limit responses

If you exceed the rate limit, the API returns: 
HTTP 429 Too Many Requests
Implement exponential backoff with a sensible initial delay (e.g. 1–5 seconds) for production integrations.

Best practices

  • Cache consent status — Call GET /clickwraps/{endUserId}/status once per session rather than before every action
  • Rate limit your own verification calls — Add a Captcha or rate limiter before POST /clickwrap/verify to prevent abuse from end users
  • Don’t poll for events — Use the verification response directly rather than polling event details
  • Batch certificate downloads — If archiving certificates, spread downloads over time rather than fetching all at once
  • Implement retry logic — Use exponential backoff for 429 responses