Enterprise

See below for the rate limits in the Enterprise subscription type.

/

Tenant Burst Request Limit Sustained Request Limit Peak Request Limit
Production 100 100/second N/A
Production (2x performance) 100 100/second 200 burst; 200/second sustained
Non-production 100 100/second N/A

Endpoint Method Burst Request Limit Sustained Request Limit Limit Type
User Info GET, POST 10 5/minute To a unique User ID
Change Password

Reset Password with Universal Login
POST 10 1/minute From an IP Address to a unique Email Address
Signup* POST 50 50/minute From an IP Address
Get Passwordless Code or Link GET, POST 50 50/hour From an IP Address
Native Social Login (Apple / Facebook Only) POST 50 500/minute Any Request for Apple or Facebook Native Social Login
*Represents the default limit. You can configure the Signup endpoint limit in Auth0 Dashboard. To learn more, read Suspicious IP Throttling.

/

Tenant Environment Burst Request Limit Sustained Request Limit
Production 50 16/second
Non-production 10 2/second

Endpoint Method Burst Request Limit Sustained Request Limit Limit Type
Get Organizations by Name GET 20 200/minute Any request
Create an Organization POST, PATCH, DELETE 5 150/minute Any request
Get Organization Members GET 40 500/minute Any request
Add Organization Members POST, DELETE 20 200/minute Any request
Get Organization invitation GET 20 200/minute Any request
Get Organization Member Roles GET 20 200/minute Any request
Create Organization Member Roles POST, DELETE 20 200/minute Any request
Get Organization Connections GET 10 100/minute Any request
Create Organization Connections POST, PATCH, DELETE 5 150/minute Any request
Verify Custom Domain POST 5 5/minute Any request
Get Status Connection GET 100 15/second Any request
Rotate Signing Keys POST 5 5/day Any request
Get Partials for a Prompt GET 5 5/minute Any request
Create Partials for a Prompt PUT 5 5/minute Any request
Get sessions for a User GET 50 16/second Any request
Get refresh tokens for a User GET 50 16/second Any request
Get a session GET 50 16/second Any request
Get a refresh token GET 50 16/second Any request
Delete user sessions DELETE 25 8/second Any request
Delete user refresh tokens DELETE 25 8/second Any request
Delete session DELETE 25 8/second Any request
Delete refresh token DELETE 25 8/second Any request

/

Limit Type Endpoint Path Operation Limit
Single SCIM connection endpoint /scim/v2/connections/{connection-id} Any request 25 requests per second
Global tenant limit for all SCIM connections /scim/v2/connections/* Any request 100 requests per second