Rate limiting

429 responses with configurable Retry-After headers.

GET /rate-limit

Always returns 429 Too Many Requests with Retry-After and X-RateLimit-* headers. Use ?lie=true to send a deceptive Retry-After value — the response body reports the real requested value so you can verify whether your client respected the header.

retry_after Retry-After header value in seconds. Range: 1–3600. Default: 60.

lie If true, Retry-After is set to 1 regardless of retry_after. The body still reports the requested value. Default: false.

details

Useful for testing retry logic, backoff strategies, and whether clients actually parse and respect Retry-After.

The ?lie=true parameter is the interesting one: the Retry-After header claims 1 (retry immediately) while the JSON body reports the real value. A client that blindly trusts the header will retry after one second — and receive another 429. A well-behaved client should handle repeated 429s with its own backoff regardless of what the header says.

The response also includes X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset headers, which follow the de-facto standard used by GitHub, Stripe, and others. X-Chaos-Rate-Limit-Lied is set to true or false so clients can detect the lie programmatically if needed.