This feature is available from v0.22.0.

Rate limiting is an essential functionality for establishing a robust and resilient system. It safeguards system resources from being misused by malicious actors or being monopolized by one client.

A variable-cost token bucket rate limited algorithm has been added to provide the capability for different API controllers and methods to have a varying cost. It also lays a foundation for dynamic costing of resource consumption.


The following limits apply to each category of the Novu system. Each category has an independent bucket of rate-limit tokens to consume. Bulk requests have a rate limit cost of 100 times the base limit and consume from the same token pool. For example, the free tier would allow a combined maximum of 10 standard trigger events and 2 bulk trigger events in the same 1-second window.

Events60 rps600 rpsTrigger
Configuration15 rps150 rpsSubscribers, Topics, Tenants
Global30 rps300 rpsAll other endpoints consume rate limiting tokens from this category.