Rate Limits

Metered asset/API limits apply per active API key id and per endpoint bucket. Counts are stored in Valkey bucketed by UTC day when Valkey is configured; if Valkey is unavailable, these endpoint limits fail open so normal traffic is not blocked by the limiter. Some low-volume account endpoints also have separate slowapi caps, usually per user or per client IP.

Free tier - $0/month

Endpoint	Limit
`GET /v1/svg/{slug}`	50 requests/day
`GET /v1/png/{slug}`	50 requests/day
`GET /v1/webp/{slug}`	50 requests/day
`GET /v1/search`	30 requests/day
`POST /v1/catalog/batch`	5 calls/day · max 10 slugs per call
`GET /v1/catalog/{slug}`	100 requests/day
`GET /v1/brand`	20 requests/day

Free tier restricts variant to mono only across SVG, PNG, and WebP - the single-color version that works on any background. Upgrading to Pro unlocks all 6 variants in all formats.

Pro tier - $9/month

Endpoint	Limit
`GET /v1/svg/{slug}`	2,000 requests/day
`GET /v1/png/{slug}`	2,000 requests/day
`GET /v1/webp/{slug}`	2,000 requests/day
`GET /v1/search`	500 requests/day
`POST /v1/catalog/batch`	50 calls/day · max 50 slugs per call
`GET /v1/catalog/{slug}`	Unlimited (no per-day cap on this endpoint for Pro)
`GET /v1/brand`	300 requests/day

Pro unlocks all 6 variants in all formats (SVG, PNG, WebP): mono, color, dark, light, wordmark, icon.

Enterprise - custom

Custom limits negotiated per contract, starting at 100,000+ requests/day. Contact sales.

Rate limit headers

Successful responses from rate-limited routes include:

X-RateLimit-Limit: 50
X-RateLimit-Remaining: 47
X-RateLimit-Reset: 4127

X-RateLimit-Reset is seconds until the next UTC midnight (same semantics as the API implementation).

Separate account/API safety caps

These caps are not the same as the daily asset buckets above:

Endpoint	Limit	Key
`POST /auth/resend-verification`	3/hour	client IP
`POST /auth/forgot-password`	3/hour	client IP
`GET /v1/usage`	60/minute	authenticated user, then IP fallback
`GET /v1/analytics/usage`	60/minute	authenticated user, then IP fallback

GET /v1/usage reads counters and does not increment any endpoint quota bucket.

When you exceed a limit

The API returns HTTP 429 with a Retry-After header (seconds). The JSON body matches the live API, for example:

{
  "error": "rate_limit_exceeded",
  "message": "Daily limit of 50 requests reached.",
  "reset_in_seconds": 4127,
  "upgrade_url": "https://scrift.app/pricing"
}

Exact message and numeric values depend on the endpoint and tier.

MCP server

The MCP server has no limits of its own. It calls the Scrift API using your API key, so your tier limits apply normally. A free user using the MCP gets free tier limits. A Pro user gets Pro limits.

Upgrade

scrift.app/pricing

Checking your usage

Scrift provides a dedicated endpoint so you can read today's request count per endpoint at any time, without making a real API call.

GET /v1/usage
Authorization: Bearer <your-jwt>

Or with your API key directly:

GET /v1/usage
X-API-Key: scrf_your_key_here

Response

{
  "date": "2026-04-15",
  "tier": "pro",
  "endpoints": {
    "svg":     { "used": 142, "limit": 2000 },
    "png":     { "used": 0,   "limit": 2000 },
    "webp":    { "used": 0,   "limit": 2000 },
    "catalog": { "used": 89,  "limit": 2000 },
    "search":  { "used": 12,  "limit": 300  },
    "domain":  { "used": 3,   "limit": 300  },
    "batch":   { "used": 1,   "limit": 2000 }
  }
}

used — requests made today (UTC) on this endpoint
limit — your daily cap. null for enterprise and internal tiers
This endpoint does not consume any quota
Counters reset at midnight UTC

Free tier - $0/month​

Pro tier - $9/month​

Enterprise - custom​

Rate limit headers​

Separate account/API safety caps​

When you exceed a limit​

MCP server​

Upgrade​

Checking your usage​