Limits & errors
Two limits bound BYOA traffic: a per-token rate limit and a per-workspace daily cap. Both return a clean 429 with a Retry-After you can honor.
Per-token rate limit
Every token is rate-limited to 60 requests per minute. On the Scale tier the cap is 600 requests per minute, applied automatically to every token in the workspace.
Exceeding the rate limit returns HTTP 429 with a Retry-After header (seconds until the current minute resets) and a structured MCP error with code: "rate_limited". The Retry-After value is signed, so a proxy in your network cannot forge a shorter wait.
HTTP/1.1 429 Too Many Requests
Retry-After: 24
{
"jsonrpc": "2.0",
"id": 7,
"error": {
"code": "rate_limited",
"message": "Rate limit reached for this token (60 requests/min). Retry after the current minute resets."
}
}Per-workspace daily cap
A second, cumulative cap counts all requests across every token in the workspace, per UTC day. It resets at midnight UTC. When it is reached, all further MCP requests that day return 429 with a clear message.
- Growth1,000 requests / day
- Growth+10,000 requests / day
- Scale100,000 requests / day
- Enterpriseconfigurable (default 1,000,000)
How BYOA reads are billed
Plain read calls debit nothing. BYOA reads are included in your plan up to the daily caps above: that is the whole billing story for reads. There is no per-call price, no bundled allowance to track, and no overage meter on reads.
Credits are charged only where real agent work happens. A tool that runs an internal model step to do its job (natural-language customer.search is the v1 example) debits credits as the step it is. A triggered playbook run (v1.5) debits through the run it creates, like any run. You see credits in the run trace and dollars at billing.
The error contract
Every MCP error is a structured JSON-RPC error with a stable code and a human-readable message. Handle these kinds:
- 401unauthorizedunauthorized: Missing, malformed, revoked, or expired token.
- 403tier_gatetier_gate: The workspace is on Free. BYOA is available on paid tiers.
- 403permission_deniedpermission_denied: The token is valid but does not carry the scope the tool requires.
- 403forbiddenforbidden: Another authorization refusal: the workspace is paused, or the platform is temporarily locked.
- 422tool_errortool_error: The tool itself refused the call: a domain error, like a malformed customer key. Fix the input; retrying unchanged will fail again.
- 429rate_limitedrate_limited: Per-token rate limit or the workspace daily cap was exceeded. Honor Retry-After.
- 500internal_errorinternal_error: An unexpected server-side failure. Safe to retry with backoff.
Error messages may cite a docs URL on this site. The quickstart's troubleshooting section maps the ones you will meet most often to what to change.