API use is subject to our Terms of Use, including permitted data uses (e.g. sales input, internal reports, LLM training) and restrictions (e.g. no scraping, resale, or public raw display).
Rate Limits
All API keys belonging to the same account share these budgets. Use GET /api/v1/stats for real-time usage: the response includes a rate_limits object with every limit (per_minute, daily, monthly, daily_company_detail, monthly_pagination, monthly_export, and test_key_monthly when using a test key). Each entry has limit, used, remaining, and reset_unix (when the window resets), so you can see exactly which limit you are close to or have hit.
Good to know
- Test API keys share a 300 requests/month sub-limit within the 3,000 total.
- Up to 100 unique companies per day via detail endpoints — repeat views are free.
- 200 page turns per month on list endpoints; max 500 records per query set.
- 3,000 records/month export budget across all endpoints combined.
Real-time usage: GET /api/v1/stats
The rate_limits object in the response lists every limit with current used, remaining, and reset_unix (Unix timestamp when the window resets). Keys: per_minute, daily, monthly, daily_company_detail, monthly_pagination, monthly_export; test_key_monthly is present only for test keys.
{
"rate_limits": {
"per_minute": { "limit": 20, "used": 3, "remaining": 17, "reset_unix": 1739876543 },
"daily": { "limit": 300, "used": 45, "remaining": 255, "reset_unix": 1739923200 },
"monthly": { "limit": 3000, "used": 1200, "remaining": 1800, "reset_unix": 1740787200 },
"daily_company_detail": { "limit": 100, "used": 10, "remaining": 90, "reset_unix": 1739923200 },
"monthly_pagination": { "limit": 200, "used": 50, "remaining": 150, "reset_unix": 1740787200 },
"monthly_export": { "limit": 3000, "used": 800, "remaining": 2200, "reset_unix": 1740787200 },
"test_key_monthly": null
}
}Rate Limit Headers
Every API response includes headers listing all critical limits. On 429 responses, additional headers indicate which limit was hit and when it resets.
On Every Response (200 and 429)
All critical limits are listed so you can display them in your UI and avoid hitting them:
X-RateLimit-Per-Minute-Limit 20X-RateLimit-Daily-Limit 300X-RateLimit-Monthly-Limit 3,000X-RateLimit-Monthly-Pagination-Limit 200 page turns/monthX-RateLimit-Daily-Company-Detail-Limit 100 unique companies/dayX-RateLimit-Test-Key-Monthly-Limit 300 (test keys only)On 429 Only – Limit That Was Hit
When a limit is exceeded, these headers identify the limit and when it resets:
X-RateLimit-Limit-Type Which limit was hit: per_minute, daily, monthly, test_key_monthly, monthly_pagination, daily_company_detail, monthly_exportX-RateLimit-Limit Numeric limit for that windowX-RateLimit-Remaining 0 (exceeded)X-RateLimit-Used Current usage for that windowX-RateLimit-Reset Unix timestamp when the limit resetsRetry-After Seconds until retry (when applicable, e.g. 60 for per-minute)When a Limit is Exceeded
The API returns HTTP 429 with a JSON body that always includes limit_type, limit, and used so you know exactly which limit was hit:
429 Response (daily limit example)
{
"error": "Daily API request limit reached (300/300 today). Resets at midnight UTC.",
"limit_type": "daily",
"limit": 300,
"used": 300,
"retry_after": 4521,
"detail": "daily_limit_exceeded"
}limit_type values: per_minute, daily, monthly, test_key_monthly, monthly_pagination, daily_company_detail, monthly_export. When present, retry_after is seconds until you can retry (e.g. 60 for per-minute; seconds until midnight UTC for daily).
Filter Values and Data Formats
Understanding the correct format for filter values helps avoid errors and improves API efficiency:
Countries
Use 2-letter ISO country codes:
US- United StatesGB- United KingdomDE- GermanyFR- FranceCA- Canada
Get the full list via /api/v1/filters
Funding Amounts
Flexible format with suffixes:
1M= $1,000,000500K= $500,0002.5B= $2,500,000,0001000000= $1,000,000
Suffixes: K (thousands), M (millions), B (billions)
Industries & Stages
Use exact values from the filters endpoint:
- Industries: "AI", "Fintech", "Healthcare", "SaaS"
- Stages: "Seed", "Series A", "Series B", "Series C+", "Debt", "undisclosed", "Bootstrapped"
Case-sensitive, use /api/v1/filters for current values
Getting Filter Values
Always fetch current filter values:
curl -X GET "https://fundup.ai/api/v1/filters" \
-H "Authorization: Bearer YOUR_API_KEY_HERE"This ensures you're using valid, up-to-date values
Best Practices
Caching
- Cache responses when possible
- Use ETags for conditional requests
- Implement local caching for frequently accessed data
- Set appropriate cache headers in your application
Request Optimization
- Use pagination to limit response size
- Request only the data you need
- Combine multiple filters in single requests
- Use the search endpoint for complex queries
Error Handling
- Always check response status codes
- Implement exponential backoff for 429 errors
- Monitor rate limit headers
- Handle network errors gracefully
Monitoring
- Track your API usage regularly
- Monitor rate limit headers
- Set up alerts for high usage
- Use the /stats endpoint to check usage
Security
API Key Security
Keep your API keys secure and never expose them in client-side code or public repositories.
Security Guidelines
- • Never commit API keys to version control - Use environment variables or secure configuration management
- • Use HTTPS only - All API requests must use HTTPS encryption
- • Rotate keys regularly - Delete old keys and create new ones periodically
- • Monitor usage - Regularly check your API usage for unusual activity
- • Use different keys for different environments - Separate production and development keys
HTTPS Requirement
All API requests must be made over HTTPS. HTTP requests will be rejected for security reasons.
Base URL
https://fundup.ai/api/v1Always use HTTPS when making API requests to ensure your data is encrypted in transit.
Need Help?
If you have questions about rate limits, security, or need assistance with your API integration, please contact our support team.