Management rate limits

    This page provides the API rate limits for management activities, which is part of the Okta rate limits.

    Note:

    • To learn more about rate limits, visit our overview and best practices pages.
    • DynamicScale rate limits apply to various endpoints across different APIs for customers who purchased this add-on. (The DynamicScale add-on service is only available to Customer Identity Solutions (CIS) customers.)
    • In addition to the rate limit per API, Okta implements limits on concurrent requests, Okta-generated email messages, end user requests, and home page endpoints. These limits are described on the Additional limits page.
    • You can expand Okta rate limits upon request. To learn how, see Request exceptions and DynamicScale rate limits.
    • API endpoints that end with an asterisk (for example, /api/v1/apps*) refer to calls that use that base schema and don't match a specific endpoint.

    See the following list of per-minute limits. If an endpoint isn't in this list, you can review it using the Admin Console, in the rate limit dashboard's APIs table. See APIs table.

    Action and Okta API endpoint Integrator Free Plan One App Enterprise Workforce identity
    Create, list, or other app actions:
    Calls to the /api/v1/apps endpoint and all other endpoints of the form /api/v1/apps/* including /api/v1/apps/{id}/*    		 20 100 100 100
    Get, update, or delete an app by ID:
    Explicit calls to the app instance: /api/v1/apps/{id}    		 100 600 600 500
    Create or list groups:
    /api/v1/groups except /api/v1/groups/{id}    		 100 600 600 500
    Get, update, or delete a group by ID:
    /api/v1/groups/{id} only    		 100 600 600 1,000
    Create or list users:
    Only GET or POST to /api/v1/users    		 100 600 600 600
    Update or delete a user by ID:
    Only POST, PUT, or DELETE to /api/v1/users/{id}    		 100 600 600 600
    Get System Log data:
    /api/v1/logs    		 20 50 50 120
    Get System Log data:
    /api/v1/events    		 20 50 50 100
    OAuth2 client configuration requests:
    /oauth2/v1/clients    		 25 100 100 100
    Most other API actions:
    /api/v1    		 100 600 600 1,200
    Create an email address bounces remove list:
    /api/v1/org/email/bounces/remove-list    		 10 30 60 60
    Get a user by ID or sign in
    Only GET to /api/v1/users/{idOrLogin}    		 100 1,000 1,000 2,000
    /api/v1/certificateAuthorities 100 150 150 100
    /api/v1/devices 100 150 150 100
    Edit This Page On GitHub