# Advanced Topics source: https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-pay/advanced-topics/index.md ## Concurrent requests {#concurrent-requests} Aggressive concurrency is supported between parallel sessions (subject to rate limits). Concurrent requests within a single session is not supported. As an example, this means that you should not fetch transactions in parallel between multiple accounts for the same session. ## Idempotency {#idempotency} The API supports idempotency on all `POST` requests if the optional header `X-Request-Id` is in the request: ```shell X-Request-Id: ``` In the event that a network error or similar causes a request to fail, retry the request with the same `X-Request-Id`-header. If the request is already processed, a cached response is returned and the request is not processed. In the event that the first request has not finished processing, a `HTTP 409 Conflict` is returned to indicate that the second request cannot be processed while the first request is ongoing. The first request should be wited on to complete, or the request should be tried again. ## Correlation IDs {#correlation-ids} The API supports [hierarchical request IDs](https://github.com/dotnet/corefx/blob/master/src/System.Diagnostics.DiagnosticSource/src/HierarchicalRequestId.md) via the optional header `X-Correlation-Id`: ```shell X-Correlation-Id: ``` This allows tracing calls across systems and is helpful in debugging. The correlation ID should be unique and must begin with `|` and end with `..`. Everything in between must be a character (A-Za-z), digit (0-9), underscore (_) or dash (-). The correlation ID must not be longer than 1000 characters or a 400 Bad Request error is returned. A correlation ID is returned on every response in the X-Correlation-Id header. Example of how a correlation ID can be populated during a request flow: * You -\> \|abc. -\> Aiia Pay * Aiia Pay -\> \|abc.1. -\> Internal Aiia Pay System * Internal Aiia System -\> \|abc.1.2. -\> Bank * Bank -\> \|abc.1.2.xyz. -\> Aiia Pay * Aiia Pay -\> \|abc.1.2.xyz.3. -\> You Note: It is optional to provide a correlation ID. It will be added to the chain of correlation IDs if provided, but a correlation ID will always be returned in the response to be stored in your logs. The correlation ID can be provided later in case there is a need to track down integration issues with faster. ## Rate limits {#rate-limits} Some endpoints are rate limited. That means you can only make a certain amount of requests over a certain period of time. The current rate will be displayed in the `X-RateLimit-Limit` header. The returned HTTP headers of any limited request will show your current rate limit status: HTTP/1.1 200 OK Date: Mon, 08 Jul 2019 09:27:06 GMT Status: 200 OK X-RateLimit-Limit: 3000 X-RateLimit-Remaining: 37 X-RateLimit-Reset: 39 | **Header** | **Description** | |-------------------------|----------------------------------------------------------------------| | `X-RateLimit-Limit` | The maximum number of requests you are permitted to make per minute. | | `X-RateLimit-Remaining` | The number of requests remaining in the current rate limit window. | | `X-RateLimit-Reset` | The number of seconds that is left until the limit resets. | When you exceed your rate limit, the response will look like this: HTTP/1.1 429 Too Many Requests Date: Mon, 08 Jul 2019 09:27:06 GMT Status: 429 Too Many Requests X-RateLimit-Limit: 60 X-RateLimit-Remaining: 0 X-RateLimit-Reset: 16 { "error": "RATE LIMITED" } The `429 Too Many Request` status code will be returned when you've exceeded your limit. After that, you can look at the `X-RateLimit-Reset` to see when the window is reset and you can start making requests again. See also the `RateLimited` [error message](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-pay/codes-formats/index.md). ## Response caching {#response-caching} Responses to resource endpoints are cached for a very short time. To disable this behaviour, you can add the `Cache-Control` header with the value `no-cache, no-store`. ## Paging {#paging} The API uses an infinite paging approach for splitting data access to multiple requests. Paging accommodates for varying performance of the underlying providers. Page size is dynamically controlled based on both time and amount of items. A page is returned when either condition has been met: * More than 1000 items have been fetched from the ASPSP * More than ten seconds have passed waiting for the ASPSP to return data