Rate Limiting Per-Org, Per-Tool

Every external API has rate limits. Gmail: 250 sends/day. Salesforce: 100,000 API calls/day. Slack: 1 message/second per channel. Exceed them, and you get 429s, temporary bans, or silent throttling.

Most agent teams handle this by... not handling it. They find out when things break in production at 2am.

Multi-Level Rate Limiting

Hexel Tool Gateway enforces rate limits at three levels simultaneously: - **Per-org**: total calls across all tools - **Per-toolkit**: calls to a specific provider (e.g., all Gmail tools) - **Per-account**: calls using a specific connected account

Limits are configurable per-tool and adaptive — the gateway learns from 429 responses and backs off proactively.

Token Bucket + Sliding Window

Rate limiting uses a hybrid approach: - Token bucket for burst allowance (short spikes are fine) - Sliding window for sustained rate (prevents creeping over daily limits)

Both tracked in Redis with sub-millisecond overhead.

What happens when limits are hit:

Instead of a cryptic 429 error, your agent receives a structured response: - Which limit was hit (org, toolkit, or account) - When the limit resets - How many calls remain in the current window

Your agent can make intelligent decisions about which calls to prioritize.

Before: Hand-rolled rate limiting per API (if you even bothered). No visibility into remaining quota. Production incidents when limits are exceeded.

After: Automatic. Your agent never exceeds provider limits. You see remaining quota in real-time.