REST API
Limits & errors
Attestia uses conventional HTTP status codes and JSON bodies for errors. Rate limits apply per API access key.
Rate limits
| Rule | Description |
|---|---|
| Per access key | Sliding window of one minute. The default allowance is 120 requests per key per minute unless your contract states otherwise. |
| Streams and registration | Long-lived connections and media registration consume capacity from the same key; back off when you receive HTTP 429. |
429 response
HTTP/1.1 429 Too Many Requests
Retry-After: <seconds>
{"error":"rate limit exceeded"}HTTP status codes
| Code | Meaning |
|---|---|
| 200 | Success. |
| 400 | Malformed JSON or validation error (e.g. missing fields). |
| 401 | Missing/invalid signing headers, bad signature, skewed timestamp, or revoked key. |
| 402 | Submitter: insufficient attestation credits (business rule). |
| 403 | Wrong key kind, on-chain role, insufficient stake, or profile mismatch. |
| 404 | Unknown asset or key. |
| 429 | Rate limit exceeded. |
| 500 | Unexpected server error. |
| 503 | RPC or staking env not configured; chain read failure. |
Error payload
{
"error": "human readable message"
}