Tyk · Rate Limits
Tyk Rate Limits
Tyk's gateway-side rate limiting is operator-configurable rather than fixed per tier. The documentation describes multiple algorithms (Redis-backed sliding window, fixed window, smoothing) but does not publish per-second numeric defaults for the SaaS Tyk Cloud surface — limits are tied to the operator's policy/key configuration. Throttled requests return HTTP 429.
3 Limits
Throttle: 429
API GatewayAPI ManagementGraphQLOpen SourceRate Limiting
Limits
Operator-Configured Rate Limit key
see https://tyk.io/docs/api-management/rate-limit/
Configured per API key, policy, or endpoint by the gateway operator. Default values are not published as fixed per-tier numbers; commercial plans (Core, Professional) advertise unlimited gateway capacity.
Spike Arrest (Redis Limiter) key
see https://tyk.io/docs/api-management/rate-limit/
Redis-backed limiter blocks requests until the rolling rate drops below the configured threshold.
Fixed Window Limiter key
see https://tyk.io/docs/api-management/rate-limit/
Blocks requests for the remainder of a fixed window once the threshold is exceeded.
Policies
Algorithm Choice
Operators can select between Redis-backed sliding window, fixed window, and rate-limit smoothing. Algorithm and threshold are set on the API definition or policy.
Smoothing
Rate-limit smoothing gradually adjusts allowance rather than abruptly blocking, giving clients time to back off.
429 Handling
Clients should detect HTTP 429 and apply exponential backoff with jitter; specific Retry-After timing is implementation-dependent.