API Standards & Rules

Defining and following standards for the Dixa API makes it easier for you as a user to understand its logic and implementation. Standards make our API more predictable and intuitive, even where the rules are not explicitly stated. Below is a short overview of the most important standards we follow.

Overall, the Dixa API is organized around REST and allows you to customize and integrate with your personal Dixa account.

That means that our resources follow the REST semantics and use industry-standard HTTP verbs, response codes, and authentication schemes. On top of that, all responses and payloads are in JSON with consistent error codes and formats.

Authentication

The Dixa API uses bearer-token-based authentication. Bearer authentication (sometimes also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. The name "Bearer authentication" can be understood as "give access to the bearer of this token." The client must send this token in the Authorization header when making requests to protected resources.

Tokens are generated in the Dixa interface and are then set in the Authorization header when making requests.

Read more about how to do that in the Create an API token tutorial.

Rate Limiting

We have created a different setup for rate limiting, as we are moving away from the previous generic rate limit per organization. Instead, we are moving to a setup that allows for a limit per token and therefore more flexibility.

For the current release, however, we have set the following rate limit:

  • Rate: 10 requests per second
  • Bursts: 4 requests
  • Quota: 864,000 requests per day

In the event your requests exceed the API Rate Limit, a response with HTTP status of 429 Too Many Requests is returned.
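As an added example (not Dixa's own code), the following Python sketch shows a client-side throttle that keeps a caller within the limits listed above and backs off after a 429, plus a helper that builds the Authorization header. The names `auth_headers` and `TokenBucket` are hypothetical, and two behaviours are assumptions the page does not state: that "Bursts" acts as a token-bucket capacity and that the daily quota resets every 24 hours.

```python
import time

def auth_headers(token: str) -> dict:
    """Build the Authorization header; reject empty tokens and CR/LF (header injection)."""
    if not token or any(c in token for c in "\r\n"):
        raise ValueError("invalid bearer token")
    return {"Authorization": f"Bearer {token}"}

class TokenBucket:
    """Client-side throttle for the limits above: 10 req/s, burst 4, 864,000 req/day."""

    def __init__(self, rate=10.0, burst=4, daily_quota=864_000, clock=time.monotonic):
        self.rate, self.burst, self.daily_quota = rate, burst, daily_quota
        self.clock = clock
        self.tokens = float(burst)            # start with a full burst allowance
        self.last = self.day_start = clock()
        self.used_today = 0

    def _refill(self):
        now = self.clock()
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if now - self.day_start >= 86_400:    # assumption: quota resets every 24 h
            self.day_start, self.used_today = now, 0

    def delay_before_next(self) -> float:
        """Seconds to wait before the next request may be sent (0.0 means send now)."""
        self._refill()
        if self.used_today >= self.daily_quota:
            return self.day_start + 86_400 - self.last
        return 0.0 if self.tokens >= 1.0 else (1.0 - self.tokens) / self.rate

    def consume(self) -> bool:
        """Account for one request; False means sending now would exceed a limit."""
        if self.delay_before_next() > 0:
            return False
        self.tokens -= 1.0
        self.used_today += 1
        return True

    def on_429(self):
        """Server returned 429: empty the bucket so the caller waits before retrying."""
        self._refill()
        self.tokens = 0.0
```

Call `consume()` before each request and sleep for `delay_before_next()` when it returns False; load the token from a secret store or environment variable rather than hard-coding it in source.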