When you post multiple toots in quick succession, Mastodon may respond with a “Rate limit exceeded” error and block your account from posting for several minutes. This happens because Mastodon instances enforce rate limits to prevent spam and reduce server load. The error typically appears as an HTTP 429 status code with a message like “Too many requests” or “Rate limit exceeded.” This article explains why posting bursts trigger these limits and how to avoid or recover from them.
Key Takeaways: Rate Limit Exceeded on Posting Bursts
- Instance-level rate limit configuration: Each Mastodon instance sets its own limits for posts per time window, typically 300 posts per 3 hours.
- HTTP 429 error: The server returns this status code when you exceed the allowed posting frequency, along with a
Retry-Afterheader. - Third-party client limits: Apps like Tusky and Mastodon for iOS may have additional per-client limits that compound instance-level restrictions.
Why Mastodon Rate Limits Trigger on Posting Bursts
Mastodon rate limits are a server-side mechanism that controls how many actions an account can perform within a sliding time window. For posting, the default limit on most instances is 300 toots per 3 hours. This is defined in the instance’s RATE_LIMIT environment variable or in the RateLimiter module in the Mastodon source code. When you post multiple toots in a burst — for example, 10 toots in 30 seconds — the server counts each post against your quota. Once the count exceeds the threshold, the server returns a 429 status code and refuses further posts until the window resets.
The rate limit applies per account, not per IP address. This means that using multiple clients or browser tabs from the same account still counts toward the same limit. The server also tracks the time window based on the first action in the burst. If you post 300 toots in 10 minutes, you must wait the remainder of the 3-hour window before posting again. However, most instances implement a sliding window: each action refreshes the window start, so posting continuously can extend the block indefinitely.
Default Rate Limit Values on Popular Instances
Different instances may customize these values. For example, mastodon.social uses 300 posts per 3 hours, while smaller instances might use 500 posts per 6 hours. You can check your instance’s limits by reviewing its /api/v1/instance endpoint or by contacting the admin. The max_toot_chars and poll_limits are also defined there, but the rate limit for posting is typically not exposed in the public API.
Steps to Recover from a Rate Limit Block
If you see the “Rate limit exceeded” error, follow these steps to restore posting ability quickly.
- Check the error message for the retry time
Open the browser developer tools (F12) and go to the Network tab. Find the failed POST request to/api/v1/statuses. Look for theRetry-Afterheader in the response. This value, in seconds, tells you how long to wait before trying again. If the header is absent, the default wait is 15 minutes. - Stop all posting activity immediately
Do not attempt to repost the same toot or queue new posts. Each failed request may reset the sliding window, extending the block. Close any third-party clients that may be retrying automatically. - Wait the full retry period before posting again
Set a timer for the number of seconds shown inRetry-After. Do not check your account during this time. After the period ends, post a single toot to confirm the limit has reset. - Clear browser cache and cookies for the instance
In Chrome, go to Settings > Privacy and security > Clear browsing data. Select “Cookies and other site data” and “Cached images and files.” Set the time range to “Last hour.” Click “Clear data.” This removes any stale rate limit tokens stored locally. - Log out and log back into your account
This refreshes the OAuth token and session state. The server may reset the rate limit counter after a fresh login in rare cases, though this is not guaranteed.
How to Avoid Rate Limits on Posting Bursts
Preventing rate limits requires pacing your posts and understanding your instance’s threshold. Use these methods to stay within limits.
- Use a posting scheduler with built-in delays
Tools like Buffer and Hootsuite allow you to schedule toots with a minimum interval between each post. Set the interval to at least 60 seconds. This prevents bursts from accumulating within the sliding window. - Calculate your safe posting rate
Divide the instance limit by the window duration. For a 300-post limit over 3 hours, the safe rate is 100 posts per hour or 1.67 posts per minute. Space your toots to stay below this average rate. - Monitor your remaining rate limit via API
Use a tool like cURL or Postman to callGET /api/v1/accounts/:id/statusesand check the response headers. Mastodon returnsX-RateLimit-Limit,X-RateLimit-Remaining, andX-RateLimit-Resetheaders on API responses. Track the remaining value to know when you are close to the limit. - Use a dedicated bot account for high-volume posting
If you need to post in bursts regularly, create a second account on an instance with higher rate limits or no posting limits. Mastodon instances like botsin.space are designed for automated posting and may have relaxed limits. - Spread posts across multiple accounts
For cross-posting to different communities, use separate accounts on different instances. Each account has its own rate limit. This does not violate Mastodon’s terms as long as you do not spam the same content.
If Rate Limits Still Block Your Account
Rate limit persists after waiting the retry period
If you wait the specified time and still receive the error, the sliding window may have been extended by other actions. Check if you also performed other rate-limited actions like following, boosting, or favoriting. Each of these has separate limits. Stop all activity for 30 minutes and try again.
Rate limit appears on a third-party client but not on the web interface
Some clients have their own rate limits imposed by the client developer or by the instance’s OAuth app registration. Switch to the official Mastodon web interface or a different client like Tusky or Fedilab. If the web interface works, the client is the bottleneck. Revoke the client’s access token in Preferences > Account > Authorized apps and create a new token.
Rate limit blocks all accounts on the same IP
This is rare but possible if the instance admin has configured IP-based rate limiting as a fallback. If you share a network with other Mastodon users, ask them to stop posting temporarily. Use a VPN or proxy to change your IP address. Contact the instance admin to confirm if IP limits are active.
Mastodon Rate Limit vs Third-Party Client Limits
| Item | Mastodon Instance Limit | Third-Party Client Limit |
|---|---|---|
| Scope | Per account across all clients | Per OAuth token for that specific app |
| Default value | 300 posts per 3 hours | Varies; some clients set 100 posts per hour |
| How to check | Response headers X-RateLimit- |
Client documentation or app settings |
| Reset method | Wait for sliding window to expire | Revoke token and create new one |
| Bypass possibility | Admin can raise limit per account | Not possible; client limits are hardcoded |
Understanding both layers of limits helps you choose the right tool for high-volume posting. If you hit the instance limit, no client can help. If you hit the client limit, switching clients or revoking the token resolves the issue.