Enterprise

See below for the rate limits in the Enterprise subscription type.

Authentication API

Rate limits for the Authentication API and API endpoints in the Enterprise subscription type.

Tenant	Burst Request Limit	Sustained Request Limit	Peak Request Limit
Production	100	100/second	N/A
Production (2x performance)	100	100/second	200 burst; 200/second sustained
Non-production	100	100/second	N/A

Endpoint	Method	Burst Request Limit	Sustained Request Limit	Limit Type
User Info	`GET`, `POST`	10	5/minute	To a unique User ID
Change Password Reset Password with Universal Login	`POST`	10	1/minute	From an IP Address to a unique Email Address
Signup*	`POST`	50	50/minute	From an IP Address
Get Passwordless Code or Link	`GET`, `POST`	50	50/hour	From an IP Address
Native Social Login (Apple / Facebook Only)	`POST`	50	500/minute	Any Request for Apple or Facebook Native Social Login

*Represents the default limit. You can configure the Signup endpoint limit in Auth0 Dashboard. To learn more, read Suspicious IP Throttling.

Management API

Rate limits for the Management API, API endpoints, and API endpoint groups in the Enterprise subscription type.

Tenant Environment	Burst Request Limit	Sustained Request Limit
Production	50	16/second
Non-production	10	2/second

Endpoint	Method	Burst Request Limit	Sustained Request Limit	Limit Type
Get Organizations by Name	`GET`	20	200/minute	Any request
Create an Organization	`POST`, `PATCH`, `DELETE`	5	150/minute	Any request
Get Organization Members	`GET`	40	500/minute	Any request
Add Organization Members	`POST`, `DELETE`	20	200/minute	Any request
Get Organization invitation	`GET`	20	200/minute	Any request
Get Organization Member Roles	`GET`	20	200/minute	Any request
Create Organization Member Roles	`POST`, `DELETE`	20	200/minute	Any request
Get Organization Connections	`GET`	10	100/minute	Any request
Create Organization Connections	`POST`, `PATCH`, `DELETE`	5	150/minute	Any request
Verify Custom Domain	`POST`	5	5/minute	Any request
Get Status Connection	`GET`	100	15/second	Any request
Rotate Signing Keys	`POST`	5	5/day	Any request
Get Partials for a Prompt	`GET`	5	5/minute	Any request
Create Partials for a Prompt	`PUT`	5	5/minute	Any request
Get sessions for a User	`GET`	50	16/second	Any request
Get refresh tokens for a User	`GET`	50	16/second	Any request
Get a session	`GET`	50	16/second	Any request
Get a refresh token	`GET`	50	16/second	Any request
Delete user sessions	`DELETE`	25	8/second	Any request
Delete user refresh tokens	`DELETE`	25	8/second	Any request
Delete session	`DELETE`	25	8/second	Any request
Delete refresh token	`DELETE`	25	8/second	Any request
Get Clients Only applies to the usage of the `q` parameter.	`GET`	5	150/minute	Any request
Get Organization Client Grants	`GET`	10	100/minute	Any request
Create Organization Client Grants	`POST`	5	150/minute	Any request

SCIM API

Rate limits for the inbound SCIM API endpoints in Public cloud subscriptions that include Enterprise connections.

Limit Type	Endpoint Path	Operation	Limit
Single SCIM connection endpoint	`/scim/v2/connections/{connection-id}`	Any request	25 requests per second
Global tenant limit for all SCIM connections	`/scim/v2/connections/*`	Any request	100 requests per second