> ## Documentation Index
> Fetch the complete documentation index at: https://docs.fingerprint.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Overview

> A guide to understanding our API request-based billing and related concepts

## Fingerprint Platform Billing

Customers are billed monthly based on the number of identification API requests made over the billing period. The Fingerprint Platform has three plans: [Free, Pro Plus and Enterprise](https://fingerprint.com/pricing/?utm_source=/docs/quick-start-guide).

> Check out our [Pricing](https://fingerprint.com/pricing/) to learn which plan is best for your needs.

Custom pricing options are available for businesses that require 9,000,000 annual API requests or more. Please reach out to our [Sales team](https://fingerprint.com/contact-sales/).

### Identification API request as a billing unit

A billable API request happens when you *successfully* use the Fingerprint client agent to identify a browser or mobile device. Identification requests successfully processed by Fingerprint generate an `event_id` that is returned in the response.

* All identification requests with an assigned event ID are billable.
* Requests that do not generate an event ID are not billed.

The following requests are **billable**:

* Calling the [`get()`](/reference/js-agent-get-function) function of the Fingerprint JavaScript agent.
* Calling the [`getVisitorId()`](/docs/ios-sdk#getting-a-visitorid) function of the iOS SDK.
* Calling the [`getVisitorId()`](/docs/android-sdk#getting-a-visitorid) function of the Android SDK.
* Calling equivalent functions in our [Flutter](/docs/flutter), [React Native](/docs/fingerprintjs-pro-react-native), or [frontend libraries](/docs/frontend-libraries).

The following requests are **not billable**:

* Downloading the client agent (calling the [`start()`](/reference/js-agent-start-function) function) is not billable.
* Requests to [Server API](/reference/server-api) are not billable.
* Requests blocked by ad blockers or application firewalls are generally not billed.
* Failed requests that result in an error without generating an event ID are not billed.
* Throttled identification requests are not billed.
* Requests filtered by [Request Filtering](/docs/request-filtering) are not billed.

If you encounter any billing issues or believe the billing is not working correctly, please reach out to [our support team](https://fingerprint.com/support/) to resolve your issue.

#### How many API calls will I need?

If you're unsure how many API calls you'll need, try these two options:

1. Start with an [unlimited 14-day free trial](https://dashboard.fingerprint.com/signup) to test all Fingerprint products. By the end, you'll know how many API calls you need.
2. If a trial isn’t possible, estimate the number of important actions where you'll use Fingerprint, like logins, account creation, payments, refunds, or return requests.

### Android API Call Allowance

Pro Plus customers receive 500,000 free Android API calls per month. These API calls apply when using our [Android SDK](/docs/android-sdk), [React Native](/docs/fingerprintjs-pro-react-native), or [Flutter](/docs/flutter) SDKs within an Android app. See [more details](/docs/android-api-call-allowance) on the allowance.

### Caching

When your application code retrieves visitor data from the application cache, it is not billed. Only requests that hit the Fingerprint backend are billed. Our [frontend libraries](https://fingerprint.com/sdk-libraries/) for specific web frameworks provide various caching strategies.

The number of billed requests will depend on your selected caching strategy. See [Caching visitor information](/docs/identify-visitors#caching-the-visitor-id) for more details.

### Smart Signals

[Smart Signals](/docs/smart-signals-reference) (for example, Bot Detection, VPN Detection, and more) are available to users on the Pro Plus or Enterprise plans.

### Billing changes

We reserve the right to change the billing model for our current or future products. In the event of an upcoming billing change, we'll send a notification to all our customers with a notification at least 30 days before the billing change event.

### Other Fingerprint platform features

Other Fingerprint platform features, such as [Server API requests](/reference/server-api), [Webhooks](/docs/webhooks), [Custom subdomains](/docs/custom-subdomain-setup), [Request filtering](/docs/request-filtering), [Proxy integrations](/docs/protecting-the-javascript-agent-from-adblockers#cloud-proxy-integrations), [libraries, and SDKs](https://fingerprint.com/sdk-libraries/) are free of charge with certain limitations per account. See below for more details.

## Account limits

All Fingerprint **accounts** are limited to **one unlimited 14-day free trial**. After you sign up, you are automatically enrolled in the free trial and can try the Fingerprint API without limitations. When the trial ends, your workspace will default to the Free plan unless you upgrade to a paid plan. On the Free plan, you can continue using Fingerprint with some limitations.

The following limits apply to all Fingerprint **accounts**:

| Resource     | Default limit | Notes                                                                                                                                                 |
| ------------ | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------- |
| Team members | 10            | Includes users that signed up and pending invitations. Reach out to [Customer Support](https://fingerprint.com/support/) if you need more user slots. |

All **workspaces** under your account have the following limits:

| Resource              | Default limit                                                                    | Notes                                                                                                                                                                                                                           |
| --------------------- | -------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Monthly API requests  | **unlimited** (paid plans)                                                       | On the Free plan, monthly API requests are limited to 1,000 for Web and iOS, and 500,000 for Android. Only Identification API requests count towards your monthly plan. Server API requests are free.                           |
| API rate limit        | 5 requests per second ([\*bursts](/docs/billing#rate-limiting-burst-protection)) | Applies to requests made using public keys (Identification API). It is possible to increase the limit on the [Enterprise plan](https://fingerprint.com/pricing/?utm_source=/docs/billing#account-limits) by emailing support.   |
| Server API rate limit | 5 requests per second ([\*bursts](/docs/billing#rate-limiting-burst-protection)) | Applies to requests made using secret keys ([Server API](/reference/server-api)). A separate rate limit applies to the [DELETE API](/reference/server-api-delete-visitor-id).                                                   |
| Visitor history       | 30 days                                                                          | For plans, visit history is available through the Dashboard or the [Server API](/reference/server-api) for the past 30 days. For Enterprise plans, the data is kept for 90 days or longer depending on the enterprise contract. |
| SSL certificates      | 50                                                                               | Limited to 5 certificates on Free and trialing plans.                                                                                                                                                                           |
| Environments          | 2                                                                                | Number of multiple environments you can setup.                                                                                                                                                                                  |
| Management API keys   | 5                                                                                | Number of API keys used to interact with the [Management API]().                                                                                                                                                                |

With support for [multiple environments](/docs/multiple-environments), some limits are applied **per environment**. For resources that are **workspace-scoped**, they take up a slot in every environment.

| Resource                | Default limit | Notes                                                                                                                                                    |
| ----------------------- | ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Public API keys         | 2             | API keys used to make billable [identification requests](/docs/quick-start-guide).                                                                       |
| Secret API keys         | 5             | API keys used to make requests to the [Server API](/reference/server-api). Optionally they can be workspace-scoped.                                      |
| Proxy keys              | 5             | Keys used to authenticate with [proxy integrations](/docs/protecting-the-javascript-agent-from-adblockers). Optionally they can be workspace-scoped.     |
| Encryption keys         | 5             | Keys used to encrypt client payloads to enable [Sealed Client Results](/docs/sealed-client-results).                                                     |
| Request filtering rules | 10            | [Filtering rules](/docs/request-filtering) that are used to filter out unwanted requests. Includes allowed/forbidden origins and forbidden HTTP headers. |
| Webhooks                | 5             | Number of configured [webhooks](/docs/webhooks). Optionally they can be workspace-scoped.                                                                |

<Info>
  ### Increasing Limits

  If you are a customer and want to increase a limit, please reach out to [our support team](https://fingerprint.com/support/).
</Info>

### Rate Limiting - Burst Protection

Short unexpected traffic spikes could normally cause request throttling if the API key exceeded the API Rate Limit. **Burst protection** prevents that by allowing peak traffic to be higher than usual for a short period of time. The allowed burst size (bucket) is always `API Rate Limit * 3` (15 RPS in the default configuration). The burst bucket automatically regenerates every second by `API Rate Limit - RPS` when the current RPS is lower than the `API Rate Limit`.

#### Examples

Real world examples of burst bucket depletion with different RPS values (considering the default `API Rate Limit` value above):

* Burst bucket **never depletes** when RPS is 5
* Burst bucket depletes **in 15 seconds** on 6 RPS
* Burst bucket depletes **in 3 seconds** on 10 RPS
* Burst bucket depletes **in 1 second** on 20 RPS

Whenever the bucket depletes, the service starts dropping requests above `API Rate Limit`.

### How am I protected from overpaying?

Fingerprint offers two types of **surge protection** for all customer accounts. First is DDoS protection, so you won't be charged for API calls during an attack. Second is a web application firewall (WAF), which inspects all incoming requests and blocks harmful or abusive traffic (including certain classes of bot activity).

Each request also goes through a customizable [request filtering](/docs/request-filtering) layer. This lets you block requests from unknown sources, limit API calls to certain web apps, or ignore requests based on HTTP headers.

In rare cases where a malicious surge or implementation issue still causes unexpected usage, you may be eligible for **partial** **bill forgiveness**.

* See our [Spike Troubleshooting guide](/docs/troubleshooting-unexpected-usage-spikes) to diagnose the root cause.
* If you confirm the spike was unintentional or malicious, you can [submit a forgiveness request](https://dashboard.fingerprint.com/settings/billing) through the Billing page on the Fingerprint dashboard.

**Important:** Forgiveness can only be applied to your **most recent completed invoice** (i.e. the last completed billing cycle). Older invoices are not eligible, even if they experienced a spike.

***

[Browser and device support](/docs/browser-and-device-support)
