Last updated: 15 November 2024
What are the limits?
Overview
There are three different types of limits, all of which are subject to change at any time:
- Hard-limits
- ML (Machine Learning) Limits
- WAF (Web Application Firewall) Limits
Hard-Limits
- 6,000 request weight per minute (keep in mind that this is not necessarily the same as 6,000 requests)
- 100 orders per 10 seconds
- 200,000 orders per 24 hours
Our hard-limits are listed on the [/api/v3/exchangeInfo] endpoint.
Machine Learning Limits
Trading behavior is evaluated against the average user. If you deviate too far, you'll be banned for a determined amount of time, ranging from 5 minutes to 3 days.
Assume that you have a trading abuse score. Your score will increase if:
- You repeatedly "one-up" or "front-run" the best Bid/Ask on the order book.
- Your spam order creation and cancellation very quick without executing trades.
- Your "conversion rate" is low. "Conversion rate" is defined as your number of trades divided by the total order creations and cancellations over a 24-hour period (Number of Trades / (Orders + Cancellations)).
- Your "weight" is low. "Weight" is defined as your total traded quantity divided by the total order creations and cancellations over a 24-hour period (Total Traded Qty / (Orders + Cancellations)).
- When trading pairs that have BNB as the base or quote asset, your abuse score will be amplified.
More specific information than the above will not be provided. Please use trial and error to achieve your ideal trading pattern, or discuss optimal behavior with other API users.
Web Application Firewall Limits
While we do not provide exact details on our WAF rules, if you receive an HTTP 403 error, you have broken a rule. Most likely, it will be a result of excessive requests within a duration of 5 minutes. However, if you are sending a request that could be perceived as malicious, it could also result in a ban of a longer duration.
If I exceed the limits, will I be restricted by account, API Key, or IP address?
For the hard-limits, exceeding the total request weight per minute limit (currently 6,000) will result in an IP ban. The order limits (currently it is 50 times/10 seconds and 160,000 times/24 hours) will be dependent on the account. If the order limit has been exceeded, you will also be restricted from creating new orders on the website (or our other applications).
For Machine Learning limits, restrictions will be applied to accounts. If you have been restricted by the ML system, you may check the reason and the duration by using the [/sapi/v1/account/status] endpoint (noted in our API documentation).
Web Application Firewall limitations will only be applied by IP. Usually, a WAF ban will have a duration of 5 minutes. However, if the server has interpreted a user's request as malicious, it may be extended.
I was restricted for exceeding limits, but I fixed my code. Will you unban me early?
No. You must wait until the ban is over.
Why did I receive an HTTP 403 error when using the API?
You have violated the WAF (Web Application Firewall) rules, most likely by violating a rate limit or sending a malicious request (as outlined in the limits section of this document). Typically, these bans last a period of 5 minutes.
Why are my WebSocket connections being dropped/disconnected?
Every 3 minutes, active WebSocket connections will receive a ping. If you do not respond with a properly framed ping, your connection will be terminated.
For user data streams, if a keep-alive is not received at least once every 60 minutes, the listen key will expire. This is also detailed in our API documentation.
I'm using a third-party service/wrapper, and it is not working. Can you help?
Unfortunately, we do not support third-party services or tools. Please reach out to the service and/or developers for further assistance.
In addition, it is a security risk to enter your Binance API Key(s) and/or Secret Key(s) into any third-party platform. Please use these services at your own discretion.
Keep in mind that we also avoid providing general programming assistance.
Despite making no changes, I'm suddenly receiving errors. What happened?
Unfortunately, we are unable to provide support for issues with your personal implementation. If you are using a third-party wrapper/tool, please contact their support/development team for assistance.
I need to access my Secret Key, but it displays "***". How do I retrieve this?
For security reasons, by design, Secret Keys are only visible at the time the API Key is created. Any time after that point, it will be masked. If you have lost it, or you did not record it, you will need to create a new API Key and use it with a new Secret Key.
Can I increase my limits or dedicated stream/bandwidth?
Unfortunately, this is not currently offered.. It should be possible to work with the limitations provided.
My API Key has disappeared.
There are only two likely explanations for an API Key to "disappear":
- If you haven't been active recently and you were using the API before March 7, 2018, it's possible that your API Key(s) were purged to ensure the security of your account.
- If you've disabled your account, this would result in the deletion of any and all active API Keys.
You should be able to create a new API Key(s) with no issues.
I'm receiving "Error -1021 (Message: Timestamp for this request is outside of the recvWindow)". How can I resolve this?
Typically, this error only occurs if the server time and your system time don’t sync. You may need to sync your system clock. However, this process varies depending on the operating system.
For Windows, at your own discretion, you may use a tool like "Atomic Clock". Linux and Mac users can try syncing with "ntpdate" via the command line.
If the problem persists, it may be latency-related (a network issue). Please try adjusting your recvWindow.
Can I request new API functionalities?
If you do not see the functionality you are requesting in our documentation, you should assume that we do not provide it. If you would like to make a feature suggestion, you may open a support ticket, and it will be reviewed.
I believe there is an issue with the API. How should I report it?
If you feel there is an issue with the system and not with your implementation, please provide evidence to support your claim by contacting us in our developer forum, and we will investigate. Please note that we do not accept vague messages as legitimate complaints.
