Requests in excess of the posted limits will receive a 429HTTP response. Within that response you will also receive a Retry-After header that will contain a value detailing the number of seconds after which the request could be retried again.

Sandbox

Resource	Max Requests Per Minute
https://api-sandbox.astra.finance/*	500
https://secure.api-sandbox.astra.finance/*	500

Production

Resource	Max Requests Per Minute
https://api.astra.finance/*	500
https://secure.api.astra.finance/*	500

Implementation Recommendations

For requests that receive a 429HTTP response due to rate limiting, we recommend retrying that request with exponential backoff and jitter.
Ensure batched requests are evenly distributed
- For example, do not send the maximum amount of requests per minute within a period of a few seconds. Instead, space out the requests in a relatively even distribution across the entire minute.

Upcoming Changes

For `sandbox` as of 03/12/2026

🚧
As of 03/12/2026, the X-CLIENT-ID is not required in sandbox. This header is optional, and can be used to unlock increased usage limits for your program.

For every request made to the Astra API in sandbox (https://api-sandbox.astra.finance/v1), add the X-CLIENT-ID header to the request headers. The value of this new header should be your client_id from sandbox.

Example request with new X-CLIENT-ID (replace YOUR_SANDBOX_CLIENT_ID with your Client ID found from your sandbox dashboard under the Keys >Client ID) :

curl --request POST \
     --url https://api-sandbox.astra.finance/v1/user_intent \
     --header 'accept: application/json' \
     --header 'x-client-id: YOUR_SANDBOX_CLIENT_ID' \
     --header 'authorization: Basic MTIzOmFiYw==' \
     --header 'content-type: application/json' \
     --data '
{
  "first_name": "Edmund",
  "last_name": "Hillary",
  "date_of_birth": "1985-02-03",
  "ssn": "1234",
  "phone": "YOUR_PHONE",
  "email": "YOUR_EMAIL",
  "address1": "123 Astra Ave",
  "city": "Palo Alto",
  "state": "CA",
  "postal_code": "94304",
  "ip_address": "192.0.2.0"
}
'

For `production` as of 03/12/2026

🚧
As of 03/12/2026, the X-CLIENT-ID is not required in production. This header is optional, and can be used to unlock increased usage limits for your program.

For every request made to the Astra API in production (https://api.astra.finance/v1), add the X-CLIENT-ID header to the request headers. The value of this new header should be your client_id from production.

Example request with new X-CLIENT-ID (replace YOUR_PROD_CLIENT_ID with your Client ID found from your production dashboard under the Keys >Client ID) :

Sandbox

Production

Implementation Recommendations

Upcoming Changes

For sandbox as of 03/12/2026

For production as of 03/12/2026

For `sandbox` as of 03/12/2026

For `production` as of 03/12/2026