API rate limit / issues from hitting /token endpoint too many times?


On Saturday my team was testing transfer creation in the sandbox and were receiving apparent errors from the /token endpoint.

We use the Golang package https://godoc.org/github.com/kolanos/dwolla-v2-go, so we don’t have quite the visibility that we want into the exact response, but from what we understand the returned json was not able to be parsed correctly and the status code was 403.

Looking at the Dwolla status page, it doesn’t look like there were any issues or outages during that time. Thinking closely about our architecture, I’m curious if there would be any issues on your end from hitting the /token endpoint a bunch of times almost simultaneously? We use AWS lambda, and when we receive X number of inbound webhook requests, up to X number of lambda instances will spin up to process those webhooks. All of the failures I see in our logs are related to the /token endpoint.


Hi @bzswords, this could be the cause of the error you received when hitting the token endpoint. There may be some protection on that endpoint which limits the number of requests within a short timespan. It sounds like you may be calling to retrieve an access token on each request? Access tokens should be valid for up to an hour after being issued. I’d likely recommend using some type of data store for your secure credentials to where you’d call once/twice per hour and then use that token for all calls to the Dwolla API. I’d be happy to dig into your API requests further, feel free to DM me with your app name and I can take a closer look.