# Advanced Topics source: https://developer.mastercard.com/open-finance-europe/documentation/licensed/aiia-enterprise/api-basics/advanced-topics/index.md ## Correlation IDs {#correlation-ids} The API supports [hierarchical request IDs](https://github.com/dotnet/corefx/blob/master/src/System.Diagnostics.DiagnosticSource/src/HierarchicalRequestId.md) through the optional header `X-Correlation-Id`. This allows tracing calls across systems and is helpful in debugging. ```shell X-Correlation-Id: ``` The Correlation ID is hierarchical and it holds all information needed to trace your particular request, starting in your client. If your are not sending any correlation information we will generate it ourselves, however providing hierarchical Correlation IDs generated in your system, provides additional context useful for debugging complex issues. The correlation ID must be unique and must begin with `|` and end with `.`. Everything in between must be a lowercase character (`a-z`), digit (`0-9`), underscore (`_`) or dash (`-`). The maximum length is 128 characters. The correlation ID is returned in every response in the `X-Correlation-Id` header . Note: Correlation IDs must be unique and must not collide with any other requests. ## Concurrent requests {#concurrent-requests} We do support aggressive concurrency between parallel sessions (subject to rate limits). We do not support concurrent requests within a single session. As an example, this means that you must not fetch transactions in parallel between multiple accounts for the same session. ## Idempotency {#idempotency} The API supports idempotency on all `POST` requests if the optional header `X-Request-Id` is in the request: ```shell X-Request-Id: ``` In the event that a network error or similar causes a request to fail, retry the request with the same `X-Request-Id`-header. If the request is already processed, a cached response is returned and the request is not processed. The cached response remains accessible for a duration of one hour. After this period, the cached response is automatically removed, and any subsequent request will be treated as a fresh request. In the event that the first request has not finished processing, a `HTTP 409 Conflict` is returned to indicate that the second request cannot be processed while the first request is ongoing. Wait for the first request to complete, or try the request again. ## Rate limits {#rate-limits} All API are subject to rate limiting. Mastercard does not publish its rate limiting methodology, as rate limits may be temporarily adjusted to protect internal and provider infrastructure. `HTTP 429 Too Many Requests` is returned when rate limit traffic is applied. Refer to the [429 error message](https://developer.mastercard.com/open-finance-europe/documentation/licensed/aiia-enterprise/codes-formats/index.md) for details. ## Paging {#paging} The API uses an infinite paging approach for splitting large payloads into multiple responses. Paging accommodates for varying performance of the underlying providers. Page size is dynamically controlled based on both time and amount of items. A page is returned when either condition has been met: * More than 1000 items have been fetched from the ASPSP * More than ten seconds have passed waiting for the ASPSP to return data