Fortnox · Rate Limits

Fortnox Rate Limits

Fortnox rate-limits the REST API per access-token. The documented limit is 300 requests per minute per access-token, enforced as a sliding window of roughly 25 requests per 5 seconds and scoped per client-id + tenant. Because the limit is per access-token, an integration serving many Fortnox tenants gets an independent 300 requests/minute allowance for each tenant's token. Exceeding the limit returns HTTP 429 (Too Many Requests). In November 2022 Fortnox raised the limit from 4 req/s (240/min) to 5 req/s (300/min).

Fortnox Rate Limits is the machine-readable rate-limit profile for Fortnox on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 2 rate-limit definitions, measuring requests.

The profile also includes 3 backoff/retry policies defined and response codes documented for throttled.

Tagged areas include Accounting, ERP, Rate Limiting, Quotas, and Sweden.

2 Limits Throttle: 429
AccountingERPRate LimitingQuotasSweden

Limits

REST API Requests access-token
requests · minute
300
Per access-token (per client-id + tenant). Enforced as a ~25 requests / 5s sliding window.
Sliding Window Burst access-token
requests · 5 seconds
25
Short-window burst ceiling underlying the per-minute limit.

Policies

Sliding Window
Requests are counted over a moving 5-second window; sustained rate must average within the window.
Per-Tenant Isolation
Each tenant's access-token has its own independent quota, so multi-tenant integrations scale linearly across customers.
Backoff Strategy
On HTTP 429, back off (exponential with jitter) and retry; prefer the WebSocket Topics stream over polling to stay under the limit.

Sources