Upbit · Rate Limits

Upbit Rate Limits

Upbit enforces per-group request rate limits tracked via response headers. Each response includes a Remaining-Req header indicating the group name, remaining calls for the current minute, and remaining calls for the current second (format: group=; min=; sec=). Public quotation endpoints (market data, tickers, orderbooks, candles) share one rate-limit group; authenticated exchange endpoints share another. WebSocket connections are also subject to connection-level throttling. The 50 ms base request interval corresponds to a theoretical ceiling of ~20 requests per second before throttling.

Upbit Rate Limits is the machine-readable rate-limit profile for Upbit on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 4 rate-limit definitions, measuring requests_per_second, connections, and interval_ms.

The profile also includes 4 backoff/retry policies defined and response codes documented for throttled.

Tagged areas include Rate Limiting, Cryptocurrency, Exchange, and Market Data.

4 Limits Throttle: 429
Rate LimitingCryptocurrencyExchangeMarket Data

Limits

Quotation REST — market data endpoints IP
requests_per_second · second
10
Applies to public endpoints including tickers, orderbooks, candles, and recent trades. Remaining quota is returned in the Remaining-Req response header per group.
Exchange REST — authenticated endpoints user
requests_per_second · second
8
Applies to authenticated endpoints for orders, accounts, deposits, and withdrawals. Requests exceeding the limit receive HTTP 429. IP allowlisting required for order and withdrawal operations.
WebSocket — connections IP
connections · concurrent
5
Concurrent WebSocket connection limit per IP address.
Base request interval global
interval_ms · per-request
50
The base rateLimit used by CCXT and other client libraries is 50ms between requests, corresponding to a ceiling of approximately 20 requests per second before server-side throttling.

Policies

Remaining-Req header monitoring
Clients should inspect the Remaining-Req header after each response and back off when sec or min counters approach zero to avoid 429 errors.
Exponential backoff
On receiving a 429 response, apply exponential backoff with jitter before retrying.
Per-group isolation
Rate limit buckets are isolated by group (e.g., candles, ticker, orderbook). Exhausting one group does not affect the quota of another group.
IP allowlisting for high-privilege operations
API keys used for order placement or withdrawals require IP allowlisting. Requests from non-allowlisted IPs for these operations will be rejected regardless of rate-limit status.

Sources