HTTP V2 API
Considerations
Keep the following in mind as you use the HTTP V2 API.
Rate limiting
Amplitude rate limits individual users (by Amplitude ID) that update their user properties more than 1800 times per hour. This limit applies to user property syncing and not event ingestion. Amplitude continues to ingest events, but may drop user property updates for that user.
Upload limit
For Starter plan customers:
Limit your upload to 100 batches per second and 1000 events per second. You can batch events into an upload, but Amplitude recommends not sending more than 10 events per batch. Amplitude expects fewer than 100 batches per second, and the 1000 events per second limit still applies.
For customers on Growth and Enterprise plans:
Keep request sizes under 1 MB with fewer than 2000 events per request. When you exceed these size limits, you get a 413 error.
If you have high volume and concerned with scale, partition your work based on device_id or user_id. This ensures that throttling on a particular device_id (or user_id) doesn't impact all senders in your system. If you use a proxy service to send events to Amplitude, make sure that throttling forwards to your clients, instead of letting spammy clients slow down a partition of work in your system.
Information for partner integrations
If you have an event ingestion integration with Amplitude, you need to send your integration's assigned partner ID in the event payload.
For help finding your integration's partner ID and a payload example, see Create an Event Ingestion Integration.
All-zero device IDs: Limit Ad Tracking enabled
As of iOS 10, Apple replaces the Identifier for Advertiser (IDFA) with all zeros if the user enables Limit Ad Tracking. Because all events require a device ID, Amplitude drops device IDs of all zeros and returns an error on the request.
If you are passing the IDFA as the device ID, first run a check on the IDFA value. If it's all zeros, pass a different value for the device ID, such as the Identifier for Vendor (IDFV).
Windows OS
If you are using a Windows operating system, then you may have to replace all single quotes with escaped double quotes.
String character limit
All string values, like user_id, event, or user property values, have a character limit of 1024 characters.
Set date values
Amplitude compares dates as strings, so it's best to use the ISO 8601 format (YYYY-MM-DDTHH:mm:ss). This format lets you perform date comparisons, (for example: '2016-01-31' > '2016-01-01'). Comparison also works for datetime values in this format (for example: '2017-08-07T10:09:08' > '2017-08-07T01:07:00').
Set time values
You must send the time parameter in each event as millisecond since epoch. Any other format (such as ISO format) results in a 400 Bad Request response.
Event deduplication
It's highly recommended that you send an insert_id for each event to prevent sending duplicate events to Amplitude. Amplitude ignores subsequent events sent with the same insert_id on the same device_id (if the event has a device_id value) in each app within the past 7 days.
Device IDs and User IDs minimum length
Device IDs and User IDs must be strings with a length of 5 characters or more. This is to prevent potential instrumentation issues. If an event contains a device ID or user ID that's too short, the ID value is removed from the event.
Override the default minimum length of 5 characters by passing the min_id_length option with the request.
If the event doesn't have a user_id or device_id value, Amplitude can reject the with a 400 status.
Language field
If the language field in the request contains a tag, the tag changes to its human-friendly language name. For example, if a request contains "language": "en-US", it changes to "language": "English" before Amplitude stores it.
The following table shows the list of mappings. Language tags are case-insensitive.
Request
POST https://api2.amplitude.com/2/httpapi
Headers
To send data to Amplitude HTTP V2 API, a Content-Type header must be set to application/json.
Body parameters
| Name | Description |
|---|---|
api_key | Required. String. Amplitude project API key. |
events | Required. []. Array of Events to upload. |
options | Optional. []. Object. |
Event array keys
You can send these keys in the JSON event object. One of user_id or device_id is required, as well as the event_type.
Top-level properties
Ensure that you include properties like session_id at the top level of the event payload. Otherwise, Amplitude can't map the value correctly.
| Name | Description |
|---|---|
user_id | Required if device_id isn't used. String. ID for the user. Must have a minimum length of 5 characters unless overridden with the min_id_length option. |
device_id | Required if user_id isn't used. String. A device-specific identifier, such as the Identifier for Vendor on iOS. If a device_id isn't sent with the event, then it's set to a hashed version of the user_id. |
event_type | Required. String. A unique identifier for your event. Amplitude reserves the following event names for internal use: [Amplitude] Start Session", [Amplitude] End Session", [Amplitude] Revenue", [Amplitude] Revenue (Verified)", [Amplitude] Revenue (Unverified)", and [Amplitude] Merged User". Note: $identify and $groupidentify are predefined for identification and group identification. |
user_agent | Optional. The unparsed and untruncated user agent string from the users device. Amplitude parses and transforms this string into user properties on an event. |
time | Optional. The timestamp of the event in milliseconds since epoch. If time isn't sent with the event, then it's set to the request upload time. |
event_properties | Optional. Object. A dictionary of key-value pairs that represent data to send along with the event. You can store property values in an array. Date values are transformed into string values. Object depth may not exceed 40 layers. |
user_properties | Optional. Object. A dictionary of key-value pairs that represent data tied to the user. You can store property values in an array. Date values are transformed into string values. User property operations ($set, $setOnce, $add, $append, $unset) are supported when event_type is $identify. Object depth may not exceed 40 layers. |
groups | Optional. Object. This feature is available to Growth or Enterprise customers who've purchased the Accounts add-on. This field adds a dictionary of key-value pairs that represent groups of users to the event as an event-level group. You can track up to 5 unique group types and 10 total group values per event. Any groups past that threshold aren't tracked. |
group_properties | Optional. Object. This feature is available to customers who've purchased the Accounts add-on. When "event_type" is $groupidentify, the field is a dictionary of key-value pairs that represent properties tied to the groups listed in the "groups" field. The field is ignored for other event types. Group property operations ($set, $setOnce, $add, $append, $unset) are also supported. |
$skip_user_properties_sync | Optional. Boolean. When true user properties aren't synced. Defaults to false. |
app_version | Optional. String. The current version of your application. |
platform | Optional. String. Platform of the device. |
os_name | Optional. String. The name of the mobile operating system or browser that the user is using. |
os_version | Optional. String. The version of the mobile operating system or browser the user is using. |
device_brand | Optional. String. The device brand that the user is using. |
device_manufacturer | Optional. String. The device manufacturer that the user is using. |
device_model | Optional. String. The device model that the user is using. |
carrier | Optional. String. The carrier that the user is using. |
country | Optional. String. The current country of the user. |
region | Optional. String. The current region of the user. |
city | Optional. String. The current city of the user. |
dma | Optional. String. The current Designated Market Area of the user. |
language | Optional. String. The language set by the user. |
price | Optional. Float. The price of the item purchased. Required for revenue data if the revenue field isn't sent. You can use negative values for refunds. |
quantity | Optional. Integer. The quantity of the item purchased. Defaults to 1 if not specified. |
revenue | Optional. Float. Revenue = (price x quantity). If you send all 3 fields of price, quantity, and revenue, then the revenue value is (price x quantity). Use negative values for refunds. |
productId | Optional. String. An identifier for the item purchased. You must send a price and quantity or revenue with this field. |
revenueType | Optional. String. The type of revenue for the item purchased. You must send a price and quantity or revenue with this field. |
currency | Optional. String. The currency for the purchased item, specified as a 3-character uppercase ISO 4217 code (for example, USD, EUR). |
location_lat | Optional. Float. The current Latitude of the user. |
location_lng | Optional. Float. The current Longitude of the user. |
ip | Optional. String. The IP address of the user. Use $remote to use the IP address on the upload request. Amplitude uses the IP address to reverse lookup a user's location (city, country, region, and DMA). Amplitude can drop the location and IP address from events after they reach Amplitude servers. Contact the Support team to configure this. |
idfa | Optional. String. (iOS) Identifier for Advertiser. |
idfv | Optional. String. (iOS) Identifier for Vendor. |
android_app_set_id | Optional. String. (Android) Identifier for vendor+ |
adid | Optional. String. (Android) Google Play Services advertising ID |
android_id | Optional. String. (Android) Android ID (not the advertising ID) |
event_id | Optional. Integer. (Optional) An incrementing counter to distinguish events with the same user_id and timestamp from each other. Amplitude recommends you send an event_id, increasing over time, especially if you expect events to occur simultaneously. |
session_id | Optional. Long. The start time of the session in milliseconds since epoch (Unix Timestamp), necessary if you want to associate events with a particular system. A session_id of -1 is the same as no session_id specified. |
insert_id | Optional. String. A unique identifier for the event. Amplitude deduplicates subsequent events sent with the same device_id and insert_id within the past 7 days. Amplitude recommends generating a UUID or using some combination of device_id, user_id, event_type, event_id, and time. |
plan | Optional. Object. Tracking plan properties. Amplitude supports only branch, source, version properties. |
plan.branch | Optional. String. The tracking plan branch name. For example: "main". |
plan.source | Optional. String. The tracking plan source. For example: "web". |
plan.version | Optional. String. The tracking plan version. For example: "1", "15". |
Options
| Name | Description |
|---|---|
min_id_length | Optional. Integer. Overrides the default minimum length of 5 for user_id & device_id fields. |
Response
Amplitude recommends that you implement retry logic and send an insert_id (used for deduplication of the same event) in your events. This prevents lost events or duplicated events if the API is unavailable or a request fails.
Logging errors
Amplitude recommends that you add your own logging to capture responses that receive a response other than 200.
200
200 OK: Successful real time event upload. If you don't receive a 200 OK response, retry your request.
{
"code": 200,
"events_ingested": 50,
"payload_size_bytes": 50,
"server_upload_time": 1396381378123
}
| Name | Description |
|---|---|
code | Integer. 200 success code |
events_ingested | Integer. The number of events ingested from the upload request. |
payload_size_bytes | Integer. The size of the upload request payload in bytes. |
server_upload_time | Long. The time in milliseconds since epoch (Unix Timestamp) that Amplitude's event servers accepted the upload request. |
400
400 Bad Request. A 400 indicates invalid upload request. Check the response for more information.
Possible reasons for an invalid request:
- The request body isn't valid JSON. The
errorreturned is "Invalid JSON request body". - The request body is missing required fields. The
errorreturned is "Request missing required field", and indicates which fields are missing. - The events object has invalid fields.
events_with_invalid_fieldsmaps field names to the index of the first event that returns an error. - Some devices are silenced.
Properties (invalid or missing JSON)
| Name | Description |
|---|---|
code | Integer. 400 error code |
error | String. Error description. Possible values are Invalid request path, Missing request body, Invalid JSON request body, Request missing required field, Invalid event JSON, Invalid API key, Invalid field values on some events |
missing_field | String. Indicates which request-level required field is missing. |
events_with_invalid_fields | Object. A map from field names to an array that contains the index of the first event to encounter an error. |
events_with_missing_fields | Object. A map from field names to an array that contains the index of the first event to encounter an error. |
Properties (SilencedDeviceID)
| Name | Description |
|---|---|
code | Integer. 400 error code |
error | String. Error description. |
eps_threshold | Integer. Your app's current events per second threshold. If you exceed this rate your requests are throttled. |
exceeded_daily_quota_devices | Object. A map from device_id to its current number of daily events, for all devices that exceed the app's daily event quota. |
silenced_devices | [string]. Array of device_ids that Amplitude has silenced. |
silenced_events | [integer]. Array of indexes in the events array indicating events whose device_id got silenced. |
throttled_devices | Object. A map from device_id to its current events per second rate, for all devices that exceed the app's current threshold. |
throttled_events | [integer]. Array of indexes in the events array indicating events whose user_id or device_id got throttled |
403 (forbidden)
403 Forbidden. The request is blocked by Amplitude's Web Application Firewall (WAF).
Possible reasons for the response:
- The request contains invalid values within the Header, Body, and/or URI that match our security filters
- The request is from a sanctioned region from which Amplitude isn't allowed to accept requests.
{
"code": 403,
"error": "Forbidden"
}
Properties
| Name | Description |
|---|---|
code | Integer. 403 error code |
error | String. Error description. |
413 (payload too large)
413 Payload Too Large. The payload size is too big (request size exceeds 1MB). Split your events array payload into multiple requests and try again.
{
"code": 413,
"error": "Payload too large"
}
Properties
| Name | Description |
|---|---|
code | Integer. 413 error code |
error | String. Error description. |
429 (too many requests)
429 Too Many Requests. Too many requests for a user or device. Amplitude throttles requests for users and devices that exceed 30 events per second (measured as an average over a recent time window). You should pause sending events for that user or device for a period of 30 seconds before retrying and continue retrying until you no longer receive a 429 response.
{
"code": 429,
"error": "Too many requests for some devices and users",
"eps_threshold": 30,
"throttled_devices": {
"C8F9E604-F01A-4BD9-95C6-8E5357DF265D": 31
},
"throttled_users": {
"datamonster@amplitude.com": 32
},
"throttled_events": [
3,
4,
7
]
}
Properties
| Name | Description |
|---|---|
code | Integer. 429 error code |
error | String. Error description. |
eps_threshold | Integer. Your app's current events per second threshold. If you exceed this rate your requests are throttled. |
throttled_devices | Object. A map from device_id to its current events per second rate, for all devices that exceed the app's current threshold. |
throttled_users | Object. A map from user_id to their current events per second rate, for all users that exceed the app's current threshold. |
throttled_events | Array of indexes in the events array indicating events whose user_id or device_id were throttled. |
Server Error 500, 502, 504
500, 502, and 504 Server Error. Amplitude encountered an error while handling the request. A request with this response may not have been accepted by Amplitude. If you retry the request, it could duplicate the events. To avoid duplication, send an insert_id in your requests.
503 Service Unavailable
503 Service Unavailable. Request failed because of an internal Amplitude issue. Retrying a request with a 503 response doesn't risk duplicating events.
Was this helpful?