Classy · Rate Limits

Classy Org Rate Limits

Classy does not publish a fixed numeric requests-per-minute quota for the api.classy.org/2.0 API. The API is fronted by the Kong API gateway (confirmed via x-kong-limit, x-kong-proxy-latency, and x-kong-upstream-latency response headers on the official classy-org/postman-collections examples); the x-kong-limit header reports a "time-consumed" value rather than a simple remaining-request count, consistent with a time/latency-budget style throttling plugin rather than a flat per-minute cap. Exceeding the limit returns an HTTP 429 Too Many Requests response; third-party developer reports describe a retry-after guidance of roughly 24 seconds. OAuth2 access tokens obtained from /oauth2/auth are short-lived (expires_in observed at 7200 seconds / 2 hours in Classy's own Postman examples, with other integrations reporting shorter 3600-second tokens) and must be refreshed by re-authenticating.

Classy Org Rate Limits is the machine-readable rate-limit profile for Classy on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 3 rate-limit definitions, measuring requests and seconds.

The profile also includes 3 backoff/retry policies defined and response codes documented for throttled.

Tagged areas include Nonprofit, Fundraising, Rate Limiting, and Quotas.

3 Limits Throttle: 429
NonprofitFundraisingRate LimitingQuotas

Limits

API Requests application (client_id)
requests
not published as a fixed number
Enforced via a Kong gateway plugin that reports consumed time (x-kong-limit: time-consumed=N) rather than a simple remaining-count header.
Access Token Lifetime token
seconds
7200
Observed expires_in value in Classy's own official Postman collection example response; treat as indicative, not contractually guaranteed.
Throttled Retry Guidance application (client_id)
seconds
24
Third-party developer reports describe a suggested retry-after of about 24 seconds on 429 responses.

Policies

Bearer Token Refresh
Re-POST client_id/client_secret/grant_type=client_credentials to /oauth2/auth to obtain a fresh access_token when a request fails with an invalid_token error or the token's expires_in window has elapsed.
Backoff on 429
Clients should implement exponential backoff with jitter on HTTP 429 responses rather than retrying immediately.
Pagination Discipline
List endpoints return a Laravel-style page envelope (current_page, per_page, total, next_page_url); paging deliberately through next_page_url avoids over-fetching and repeated large-page requests that are more likely to trip throttling.

Sources