Spruce Health · Rate Limits

Spruce Health Rate Limits

Spruce does not publish a fixed numeric request-rate limit for the Public API itself. One concrete limit is documented on the webhook delivery side: a registered webhook endpoint is rate limited to 1000 events per minute per endpoint, an endpoint must respond with a 2XX status within 5 seconds, and failed deliveries are retried every 2 minutes for up to 10 attempts. An incorrect or disabled API token returns a 403. Per-account request throttling values for the REST surface are not published and should be reconciled against the live documentation.

Spruce Health Rate Limits is the machine-readable rate-limit profile for Spruce Health on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 4 rate-limit definitions, measuring requests, events, seconds, and attempts.

The profile also includes 3 backoff/retry policies defined and response codes documented for throttled and forbidden.

Tagged areas include Healthcare, HIPAA, Communication, Rate Limiting, and Quotas.

4 Limits Throttle: 429
HealthcareHIPAACommunicationRate LimitingQuotasWebhooks

Limits

Public API Requests organization
requests
not published
No fixed numeric per-minute request limit is documented for the REST API.
Webhook Delivery Rate endpoint
events
1000 per minute
Each registered webhook endpoint is limited to 1000 events per minute.
Webhook Response Window endpoint
seconds
5
Endpoints must return a 2XX status within 5 seconds or the delivery is treated as failed.
Webhook Retries endpoint
attempts
10
Failed deliveries are retried every 2 minutes for up to 10 attempts.

Policies

Bearer Authentication
Requests require Authorization Bearer with an org token; incorrect or disabled tokens return 403.
Backoff Strategy
Clients should implement exponential backoff with jitter and honor Retry-After on 429 responses.
Webhook Signature Verification
Endpoints receive a signing secret at creation and should verify event signatures.

Sources