# Advanced topics
source: https://developer.mastercard.com/ob-accept-payments/documentation/developer-support/advanced-topics/index.md

## Correlation Ids {#correlation-ids}

The API supports hierarchical request IDs through the optional header `X-Correlation-Id`:

    X-Correlation-Id: <your Correlation Id>

This allows tracing calls across systems and is helpful in debugging.

The correlation ID should be unique and must begin with \| and end with `.` Everything in between must be a character (`A-Za-z`), digit (`0-9`), underscore (`_`) or dash (`-`). The maximum length is 128 characters. The correlation ID is returned in every response in the `X-Correlation-Id` header.

Here is an example of a valid Correlation Id:

`|aedRc498c_c7bc4A89ea8cc9Vb-V9c91f0F3cfe.`

## Concurrent requests {#concurrent-requests}

Aggressive concurrency is supported between parallel sessions (subject to rate limits). Concurrent requests within a single session are not supported.

## Idempotency {#idempotency}

The API supports idempotency on all POST, PUT and PATCH requests if the optional header `X-Request-Id` is in the request:

    X-Request-Id: <your request Id>

Note: It is strongly recommended to use idempotency.

In the event that a network error or similar causes a request to fail, you can retry the request with the same X-Request-Id-header. If we have already processed the request, we will return a cached response and will not actually process the request. In the event that the first request has not yet finished processing, we will return a `HTTP 409 Conflict` to indicate that we cannot process the second request while the first request is ongoing. You can wait for the first request to complete or try the request again.

## Rate Limiting {#rate-limiting}

Rate limiting is applied on all endpoints. That means you can only make a certain number of requests over a certain period of time. The current rate will be displayed in the `X-RateLimit-Limit header`.

The returned HTTP headers of any limited request will show your current rate limit status:

    HTTP/1.1 200 OK 
    Date: Mon, 08 Jul 2019 09:27:06 GMT 
    Status: 200 OK 
    X-RateLimit-Limit: 3000 
    X-RateLimit-Remaining: 37 
    X-RateLimit-Reset: 39 
    { <content> }

|       **Header**        |                           **Description**                            |
|-------------------------|----------------------------------------------------------------------|
| `X-RateLimit-Limit`     | The maximum number of requests you are permitted to make per window. |
| `X-RateLimit-Remaining` | The number of requests remaining in the current rate limit window.   |
| `X-RateLimit-Reset`     | The number of seconds that is left until the limit resets.           |

When you exceed your rate limit, you will receive an HTTP Status = 429 Too Many Requests error response. Refer to [Codes and Formats](https://developer.mastercard.com/ob-accept-payments/documentation/developer-support/code-and-formats/index.md) for a sample of the error and how to handle it.

## Providers Endpoint {#providers-endpoint}

Do not use the Get Providers endpoint to display bank selection on your side unless you have an outsourcing agreement with us. Please speak to your account manager for more information.

## Paging {#paging}

The endpoints that return a list of results support paging.

These endpoints can be controlled through the query parameters `limit` and`offset`. Limit will ensure that only that number of items are returned. Offset will control how many items will be skipped before returning the results.

`GET /resources?offset=5&limit=5` will return resources 6 to 10.

If a limit is not specified, then the default limit applies.