Kraken · Rate Limits

Kraken Rate Limits

Kraken enforces request-rate policies separately per surface. The Spot REST private API uses a per-key "API counter" that increments on every call and decays over time at a tier-dependent rate; the counter's maximum value determines burst capacity, and the per-second decay determines steady-state throughput. The Spot REST public API is throttled per IP. Spot WebSocket subscriptions are rate-limited per connection (token-bucket on subscribe / unsubscribe / trading calls). Kraken Futures uses a separate per-key counter with its own ceiling and decay. Institutional / colocation clients can negotiate raised limits. All over-limit responses use HTTP 429 (REST) or a WebSocket `EAPI:Rate limit exceeded` error frame.

Kraken Rate Limits is the machine-readable rate-limit profile for Kraken on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 16 rate-limit definitions, measuring requests_per_minute, api_counter, trade_counter, requests_per_second, and concurrent_requests.

The profile also includes 9 backoff/retry policies defined and response codes documented for throttled, unauthorized, serverBusy, and websocketRateLimit.

Tagged areas include Rate Limiting, Cryptocurrency, Exchange, API Counter, and WebSocket.

16 Limits Throttle: 429
Rate LimitingCryptocurrencyExchangeAPI CounterWebSocket

Limits

Spot REST — Public endpoints (Time, Ticker, OHLC, Depth, Trades, Spread, Assets, AssetPairs, SystemStatus) IP
requests_per_minute
approx. 60 requests / 10 seconds per IP; bursts above this return 429
Kraken does not publish a hard per-IP limit; observed behavior is roughly 1 RPS sustained per IP with short bursts to ~5 RPS before throttling.
Spot REST — Private (Verified Tier, Starter) key
api_counter
15 max counter, decay 0.33 per second
Each call adds 1 (most endpoints) or 2 (Add/Cancel single order) or 4 (Ledgers, TradesHistory, ClosedOrders) to the counter. Counter resets via decay only.
Spot REST — Private (Verified Tier, Intermediate) key
api_counter
20 max counter, decay 0.50 per second
Spot REST — Private (Verified Tier, Pro) key
api_counter
20 max counter, decay 1.0 per second
Spot REST — Trading endpoints rapid-fire (AddOrder, EditOrder, CancelOrder) key
trade_counter
per-pair rapid-cancel counter; over-limit returns EAPI:Rate limit exceeded
A separate "rapid-cancel" counter discourages thrashing the order book. Penalty values scale with order lifetime — orders cancelled within 5 seconds carry higher counter cost.
Spot WebSocket v2 — public subscriptions connection
requests_per_second · second
50
Per-connection burst limit on subscribe/unsubscribe frames.
Spot WebSocket v2 — authenticated trading methods (add_order, amend_order, cancel_order, batch_*) token
api_counter
same per-tier API counter as Spot REST private trading
Spot WebSocket v2 — connections per IP IP
concurrent_requests
150
Reconnect with exponential backoff when EAPI:Connection limit exceeded is returned.
Spot WebSockets Token endpoint key
api_counter
1 per call (counts against private REST counter); tokens are valid for 15 minutes
Kraken Futures REST — public endpoints IP
requests_per_second · second
100
Kraken Futures REST — private endpoints (Standard) key
cost_per_minute · minute
500 cost units per minute (per-endpoint cost 1–25)
Kraken Futures REST — private endpoints (VIP / Colocation) key
cost_per_minute
raised via institutional support; typically 2x – 10x Standard
Kraken Futures WebSocket connection
requests_per_second · second
200
NFT REST endpoints key
api_counter
shares the Spot private API counter (same per-tier ceiling and decay)
Earn REST endpoints key
api_counter
shares the Spot private API counter; Allocate/Deallocate add 1 to the counter
FIX session — orders per second session
requests_per_second
negotiated per institutional onboarding (typically 100+ orders/sec)

Policies

API counter decay
Each private REST call increments a per-key counter; the counter decays at the per-tier rate (Starter 0.33/s, Intermediate 0.50/s, Pro 1.0/s). When the counter exceeds its ceiling the next call returns `EAPI:Rate limit exceeded` (HTTP 429 with a JSON error envelope).
Endpoint weighting
Not all endpoints cost the same. Heavy history endpoints (Ledgers, TradesHistory, ClosedOrders) add 2-4 to the counter while trading endpoints (AddOrder, CancelOrder) add 0-1. Plan request mixes accordingly.
Rapid-cancel penalty
Orders cancelled within 5 seconds of placement carry an elevated cost on a separate per-pair counter to discourage book-thrashing strategies. Hold orders longer or use AmendOrder/EditOrder for fewer adjustments.
Exponential backoff on 429 / WS rate-limit frames
On HTTP 429 or a WebSocket `EAPI:Rate limit exceeded` frame, back off with exponential delay (start 1s, double up to 60s) before retrying. Do not parse `Retry-After` as authoritative; it is advisory.
Tier upgrade
Move from Starter → Intermediate by completing identity verification and from Intermediate → Pro by completing extended verification (proof of residence + source of funds). The tier upgrade automatically raises the per-key API counter ceiling and decay rate.
Institutional uplift
VIP and institutional clients can request raised limits through their account manager. Co-located clients on colo-london.* get materially higher throughput and lower latency.
WebSocket reconnect strategy
Reconnect with exponential backoff on disconnect. Reauthenticate with a fresh WebSockets token (REST /private/GetWebSocketsToken) if the prior token has expired. Resubscribe to channels after reconnect.
Cancel-on-Disconnect
For algorithmic clients, enable cancel-on-disconnect (Spot WS) and/or arm the CancelAllOrdersAfter dead-man's switch so a disconnect or rate penalty cannot leave runaway orders in the book.
Per-IP connection cap
Open at most ~150 WebSocket connections per IP. Co-located VIP connections share that ceiling per source IP unless raised by support.

Sources