Rate Limits & Anti-Ban Protection

BeReach enforces rate limits and safety guards on every API call to protect your LinkedIn account. You don't need to configure anything — it's all built in.

Rate limits by action type

Every action has a daily and weekly cap, plus a minimum interval between calls. These are the base limits — trusted accounts get 3x automatically.

Action	Base daily	Base weekly	Trusted (3x) daily	Trusted (3x) weekly	Interval
Profile visit	350	1,750	1,050	5,250	2s
Connection request	30	200	90	600	5s
Message	100	400	300	1,200	5s
Comment	10	—	30	90	5s
Scraping (search, likes, comments, posts)	300	—	750	—	2s
Post (publish, edit, repost)	3	—	9	—	5s

Comments are the highest-risk action

Commenting on others' posts is the most detectable action on LinkedIn. That's why the limit is intentionally low — even at 3x, you get 30/day max.

How to get 3x limits (trust-based multiplier)

After 7 days on Pro, BeReach runs a weekly health check on your account. If your health score reaches 60 or above, your limits upgrade to 3x automatically.

The health score evaluates:

Valid credentials — your LinkedIn session is active
Complete profile — photo, headline, summary, experience
100+ connections — minimum network size
Recent posts — some publishing activity
Recent activity — regular usage in the past weeks

Referral boost: referring a friend adds a 2x multiplier on top — up to 6x total.

Warmup strategy

New accounts or accounts that haven't been active should not jump to full volume. See the multi-account guide for a week-by-week ramp-up plan.

The short version: start with 5-10 actions/day for 2 weeks, then gradually increase. Let your OpenClaw agent audit your account and propose a warmup plan.

Built-in safety guards

These protections run on every API call — you can't bypass them.

Visit-before-connect — Connection requests to profiles you haven't visited first are blocked. LinkedIn expects you to look at a profile before connecting.

Do-not-contact — Contacts flagged as do-not-contact are blocked from all targeting actions (connect, message, follow). One flag protects them across every endpoint.

Connection dedup — Weekly per-profile dedup prevents sending the same connection request twice. A same-day retry guard blocks retries after a failed attempt.

Campaign dedup — Per-profile per-campaign tracking prevents duplicate messages, likes, and comments across sessions.

Credential auto-detection — If LinkedIn returns a 401 or 403, credentials are automatically marked invalid to stop further risky calls. Use POST /me/linkedin/revalidate to recover once your session is refreshed.

Adaptive pacing

Every action has random jitter built in: 2-6 seconds for reads, 5-10 seconds for writes. No fixed intervals, no detectable patterns. Bulk operations use durable server-side workflows with built-in pacing — not client-side timers.

Proxies

BeReach routes all requests through ISP and residential proxies automatically matched to your country. Sticky sessions with configurable rotation (1-720 hours). On failure, the system retries with a shorter session, then falls back to a broader IP pool.

No datacenter IPs are ever used. Your requests look like normal browser traffic.

Checking your limits

Use GET /me/limits to see your real-time daily and weekly counters for every action type. The response includes remaining capacity, current usage, and next reset time.

Use GET /me/credits to check your credit balance and whether your account has unlimited credits (Pro).

Every API response includes a retryAfter field (in seconds). When you hit a limit, this tells you exactly how long to wait. AI agents like OpenClaw check limits before each tool call and pause automatically when approaching caps.

Let your agent handle it

OpenClaw checks GET /me/limits before every batch automatically. You don't need to monitor limits manually — the agent respects them by design.

For the full marketing overview of our anti-ban system, see the Anti-Ban Protection landing page.