Two limits gate POST /v1/send: a per-app burst rate limit and (on the hosted tier) a monthly event quota. Rate-limited requests do NOT consume quota.

Per-app rate limit

Token-bucket via a Durable Object, scoped to each app. Default: 1000 events/minute burst capacity. When exceeded:

HTTP 429
{
  "error": "rate_limited",
  "retry_after_ms": 1200
}

Wait retry_after_ms and resend. The limit is configurable per app via PUT /api/dashboard/apps/:id/rate-limit (10 to 100,000 events/min, or null to reset to default). Self-hosters can also change the server-wide default in apps/api/src/rate-limiter.ts.

Monthly event quota (hosted tier only)

Free: 10,000 events/month. Pro: 50,000 events/month. Self-host: unlimited.

HTTP 429
{
  "error": "quota_exceeded",
  "plan": "free",
  "limit": 10000,
  "used": 10000,
  "year_month": "2026-04",
  "detail": "monthly send limit..."
}

Headers:
  x-ratelimit-limit: 10000
  x-ratelimit-used:  10000
  x-ratelimit-scope: monthly

The counter resets on the first day of each calendar month. Upgrade to Pro on /pricing to raise the cap.