Rate Limits and Fair Use
How WUTS handles throughput, what the practical limits are, and how to pace traffic responsibly.
WUTS is tuned for high throughput across many tenants and does not enforce an aggressive per-tenant request cap on the gateway. In practice your traffic is bounded by two things: the gateway's HTTP timeouts, and the pacing WhatsApp itself applies to each connected device. This page explains both, and the fair-use practices that keep your number healthy.
WUTS does not currently return a hard 429 Too Many Requests from a per-tenant
quota. Design your client for resilience (backoff and retry) rather than around
a fixed numeric limit, since limits may evolve for future commercial tiers.
How throughput actually works
Every send is bound to a connected device and is dispatched over that device's live WhatsApp session. The real ceiling is therefore the rate at which a single WhatsApp number can reasonably send — not an arbitrary number set by the gateway. Sending far faster than a human would, or blasting recipients who never opted in, is what gets a number flagged by WhatsApp, regardless of what the API allows.
Treat the gateway as a fast, fair pipe and shape your own traffic to look natural. The sections below give you the concrete knobs.
Gateway request timeouts
The HTTP server enforces connection-level timeouts to protect the service. These are the only hard, gateway-side limits you will hit under normal use:
| Setting | Value | Meaning |
|---|---|---|
| Read timeout | 60s | Time allowed to read the full request |
| Read header timeout | 60s | Time allowed to read request headers |
| Write timeout | 120s | Safety net for the response to be written |
| Idle timeout | 65s | Keep-alive timeout for idle connections |
| Max header size | 1 MB | Maximum size of request headers |
Most calls complete in well under a second. The wide write timeout exists
because some operations intentionally take longer — for example, a send with a
long delay plus typingDuration (see below) holds the request open until the
message is actually dispatched.
Set your client's own request timeout to comfortably exceed any delay you
request. A POST /send/text with "delay": 30 will not respond for at least 30
seconds, by design — a 10-second client timeout would abort a perfectly healthy
send.
Built-in natural pacing
WUTS ships per-message pacing controls so you can make automated sends look
human without writing your own scheduler. These are accepted by the send
endpoints (POST /send/text, POST /send/audio, POST /send/template, and
the other media sends):
| Field | Type | Range | Effect |
|---|---|---|---|
delay | integer (seconds) | 0–3600 | Wait this long before dispatching the message |
typingDuration | integer (seconds) | 0–30 (default 3) | Show the typing indicator before the text appears |
disablePresence | boolean | — | Skip the typing indicator entirely |
curl -X POST https://api.wuts.com.br/send/text \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{
"number": "5511999999999",
"text": "Hi! Thanks for reaching out.",
"delay": 2,
"typingDuration": 4
}'Using delay and typingDuration to spread out a batch — instead of firing
hundreds of requests in the same instant — is the single most effective way to
keep your number in good standing.
Recommended client-side practices
Because the gateway does not throttle you, you should pace yourself. The following patterns are what we recommend for any client sending at volume.
Limit concurrency
Cap the number of in-flight requests per device. A small concurrency window (for example, a handful of simultaneous sends per connected number) keeps the session responsive and avoids overwhelming a single WhatsApp account.
Spread out bulk sends
For campaigns or broadcasts, add a short gap between recipients rather than
sending everything at once. Combine a client-side gap with the built-in delay
to mimic human cadence. Sudden bursts to many new recipients are the classic
trigger for WhatsApp spam flags.
Back off on 503 and 5xx
WUTS returns 503 Service Unavailable for transient conditions — for example,
when a device is momentarily disconnected, still warming up
(DEVICE_NOT_READY), or a downstream dependency is briefly unavailable. Treat
503 and any 5xx as retryable with exponential backoff and jitter:
# Pseudocode: retry with exponential backoff + jitter
attempt=0
max_attempts=5
while [ $attempt -lt $max_attempts ]; do
status=$(curl -s -o /dev/null -w '%{http_code}' \
-X POST https://api.wuts.com.br/send/text \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{"number":"5511999999999","text":"Hello"}')
if [ "$status" = "200" ]; then break; fi
# only retry transient failures
case "$status" in 503|500|502|504) ;; *) break;; esac
sleep_s=$(( (2 ** attempt) + (RANDOM % 2) )) # 1s, 2s, 4s, ... + jitter
sleep "$sleep_s"
attempt=$((attempt + 1))
doneDo not retry 4xx responses blindly — a 400, 401, or 404 will not
succeed on retry and indicates a problem with the request, token, or target.
See Errors for the full status reference.
Honor delivery feedback
Watch your webhooks for delivery and read receipts. A rising rate of undelivered messages or blocks is an early signal that your sending pattern or audience needs adjustment — slow down before WhatsApp does it for you.
WhatsApp messaging policy and consent
WUTS connects real WhatsApp accounts, so WhatsApp's own messaging policies apply to everything you send. Responsible use is not optional — it protects your number from being banned.
Only message recipients who have opted in to hear from you. Unsolicited bulk messaging, scraped contact lists, and aggressive marketing blasts routinely get WhatsApp numbers banned — a ban the gateway cannot reverse.
Practical guidelines:
- Get consent first. Send only to people who agreed to be contacted on WhatsApp.
- Make opt-out easy. Respect requests to stop, and stop sending immediately.
- Keep it relevant. Personalized, expected, low-volume conversations are far safer than identical mass blasts.
- Warm up new numbers. A brand-new number sending at high volume on day one looks like spam. Ramp up gradually.
- Watch your quality signals. Blocks and reports degrade your number's standing; sustained natural pacing protects it.
Future commercial tiers
The fair-use posture described here reflects the current gateway behaviour. Dedicated quotas, guaranteed throughput, and per-tier limits may be introduced for future commercial plans. When that happens, any enforced limits will be surfaced through standard rate-limit response headers so your client can adapt automatically. Until then, the pacing and backoff guidance above is the contract.
Related pages
- Quickstart — send your first message
- Conventions — request and response shapes, JID formats
- Errors — status codes and which ones are retryable
- Webhooks — react to delivery and read receipts