Sumsub · Rate Limits

Sumsub Rate Limits

Machine-readable rate limit definitions for the Sumsub API. Sumsub does not publish a fixed public per-key rate limit on the API reference; values below are scaffold defaults reflecting typical Cockpit-tier behavior and should be reconciled with contractual or account-specific limits.

Sumsub Rate Limits is the machine-readable rate-limit profile for Sumsub on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 4 rate-limit definitions, across the trial, basic, compliance, and enterprise tiers, measuring verifications_per_trial and requests_per_minute.

The profile also includes 5 backoff/retry policies defined and response codes documented for throttled and serviceUnavailable.

Tagged areas include AML, Identity Verification, KYC, Quotas, and Rate Limiting.

4 Limits Throttle: 429
AMLIdentity VerificationKYCQuotasRate LimitingThrottling

Limits

Trial Verification Quota account
verifications_per_trial · trial
50
Basic Plan Steady-State api-key
requests_per_minute · minute
60
Compliance Plan Steady-State api-key
requests_per_minute · minute
120
Enterprise Negotiated Limit contract
requests_per_minute · minute
600

Policies

App Token Authentication
All requests must include an X-App-Token header. Limits are enforced per token; rotate tokens via the Cockpit dashboard.
Backoff Strategy
Clients should implement exponential backoff with jitter when 429 or 503 responses are received, honoring the Retry-After header when present.
Webhook Delivery
Sumsub retries failed webhook deliveries with backoff; consumers should respond with a 2xx within the documented timeout window to avoid suspension of delivery.
Fair Use
Even on uncapped enterprise contracts, sustained traffic that materially impacts shared verification infrastructure may be throttled per fair-use terms.
Sandbox Isolation
Sandbox traffic is metered separately from production and may have stricter limits to prevent abuse of free trial volume.