Terms and Usage Guidelines
This page consolidates the practical operating rules developers usually need before a build moves toward production.
Terms and conditions
Use your organization's SpotDraft legal and commercial terms as the source of truth for API usage rights and plan entitlements.
For general product terms, start here:
If your organization has customer-specific commercial terms, follow those over any generic public reference.
API rate limit
SpotDraft applies a public API rate limit of 10 requests per second per workspace.
This limit applies to API requests made by your integration. Webhook deliveries from SpotDraft are excluded from this API request limit.
Design clients so they can slow down instead of failing an entire job when the API returns 429 Too Many Requests.
Retry behavior
Integrations should assume:
- API calls can fail transiently
- retries must be bounded and idempotent
- polling should not replace webhooks as the primary lifecycle signal
Use exponential backoff with jitter for 429, timeouts, and 5xx responses. Do not blindly retry validation, authentication, permission, or not-found errors without changing the request.
Environment usage rules
Apply these rules consistently:
- keep UAT and production credentials separate
- register webhook endpoints separately per environment
- do not assume workflows or metadata fields exist in every environment
- validate integrations in the target environment before any go-live claim
Use Environments for the detailed checklist.
Supported developer workflow
The recommended developer flow is:
- review existing integrations and confirm whether custom API work is needed
- validate access and API host selection
- make the first authenticated request
- design the metadata and webhook model
- move into the recipe or integration guide that matches the use case