Rate Limiting
The Gateway enforces rate limits at two levels: organization-wide and per-API-key. Limits use a sliding window algorithm.
Organization-Level Rate Limiting
The rate limit applies to your entire organization. All API keys you create count toward the same limit.
Basic plan: 60 req/min totalLimits use a sliding 60-second window — not a fixed reset at the top of the minute. Capacity restores gradually.
No sudden resets — smooth traffic flowThe rate limit applies per organization across all your API keys combined. If your plan allows 60 req/min and you have two keys making requests simultaneously, both count toward that shared limit.
Sliding Window Algorithm
Rate limits use a sliding window — not a fixed reset at the top of each minute. This prevents burst spikes right after a reset.
Limits by Plan
| Plan | Rate limit (org-wide) |
|---|---|
| Free | 10 req/min |
| Basic | 60 req/min |
| Pro | 300 req/min |
| Enterprise | 9,999 req/min |
429 Response
HTTP 429 Too Many Requests
{
"error": "Rate limit exceeded. Slow down and try again.",
"code": "RATE_LIMIT_EXCEEDED"
}Implementing Retry Logic
When you receive a 429, wait before retrying. Use exponential backoff to avoid hammering the API repeatedly.
#!/bin/bash
MAX_RETRIES=3
DELAY=5
URL="https://dev-api.onlyfans-api.ai/api/models/MODEL_UUID/users/me"
for attempt in $(seq 1 $MAX_RETRIES); do
http_code=$(curl -s -o /tmp/of_resp.json -w "%{http_code}" "$URL" \
-H "X-API-Key: sk_live_your_key_here")
[ "$http_code" != "429" ] && { cat /tmp/of_resp.json; exit 0; }
echo "Rate limited. Retrying in ${DELAY}s... (attempt $attempt)"
sleep $DELAY
done
echo "Max retries exceeded"; exit 1Don't retry on 402