The 429 Too Many Requests error in Payload CMS occurs when the number of requests from a single IP exceeds the configured rate limit within a given time window. By default, Payload allows 500 requests per IP every 15 minutes.
If you’re performing bulk operations (e.g., creating 1000 posts using Postman or an automated script), you may need to temporarily increase the rate limit to avoid this error.
You can do this by adding or modifying the rateLimit configuration in your payload.config.ts file:
export default buildConfig({
collections: [
// your collections here
],
rateLimit: {
window: 1 * 60 * 1000, // 1 minute
max: 1000 // allow 1000 requests per minute
},
})
What this does:
window: Sets the rate-limiting window to 1 minute (in milliseconds)max: Allows up to 1000 requests per IP within that 1-minute window
This is especially useful in development or staging environments where high-volume automated API testing is required.
In production environments, always balance performance and protection when adjusting rate limits to prevent abuse.