PyPI · Rate Limits

Pypi Rate Limits

PyPI does not publish a hard per-second rate limit. The JSON, Index, and RSS APIs are heavily cached and CDN-fronted via Fastly, so PyPI states there is "currently no rate limiting of PyPI APIs at the edge." The legacy XML-RPC API may be rate-limited if usage degrades service. PyPI reserves the right to ban irresponsible consumers.

2 Limits Throttle: 429

Package RegistryPythonOpen SourceRate Limiting

Limits

JSON / Index / RSS APIs IP

varies

no edge rate limit (heavily cached via Fastly CDN)

PyPI states "currently no rate limiting of PyPI APIs at the edge"; consumers should still avoid thousands of requests per minute and should prefer ETag-conditional requests.

XML-RPC API (legacy) IP

varies

rate-limited at PyPI's discretion if usage degrades service

PyPI may temporarily or permanently throttle XML-RPC consumers whose usage causes service degradation.

Policies

User-Agent Identification

Set a descriptive User-Agent that uniquely identifies your requests and ideally includes contact information; opaque or default agents may be rate-limited or blocked.

ETag and Conditional Requests

The JSON, RSS, and Index APIs return ETag headers — use If-None-Match conditional requests to avoid hammering uncached origins.

Caching Awareness

Inspect X-Cache and X-Cache-Hits to understand whether your requests are being served from CDN cache; design crawlers around the CDN rather than the origin.

Discretionary Bans

PyPI reserves the right to temporarily or permanently prohibit a consumer based on irresponsible activity; sustained high-volume crawling without identification or backoff risks a block.

Pacing Guidance

PyPI advises against thousands of requests in a short window (minutes); prefer serial requests over longer periods when feasible.

Sources

https://docs.pypi.org/api/