Entity Limit Policy
Entities in Auth0 are tenant configuration elements such as applications, connections, rules, and API resource servers.
Entity limits are hard limits on entities that are enforced for the health of our platform; they are not a component of pricing, though they can differ for groups of pricing plans. Individual pricing plans have separate limitations, which refer to the entitlements like MAU and Enterprise Connections you receive when you subscribe to a given plan. (To learn what your pricing plan limitations are, see Auth0 Pricing.)
Global subscription plan limits
This section lists limits that apply to all subscription plans.
The Organizations feature is subject to the following limits:
| Entity | Maximum |
|---|---|
| Organizations per tenant | 100,000 |
| Members per organization | 100,000 |
| Connections per organization | 10 |
| Role assignments per organization member | 50 |
| M2M client grants per organization | 100 (Public Cloud)
|
Customers on Enterprise plans can request increased entity limits for Organizations per tenant and Organization members per Organization by contacting support.
These limits can be increased to 2,000,000 Organizations per tenant and 2,000,000 Organization members per Organization on public cloud. On private cloud instances, these entities are unlimited.
The Authorization Core Role-Based Access Control (RBAC) feature set is subject to the following limits:
| Feature | Limit |
|---|---|
| Roles per tenant | 1000 |
| Scopes per API | 1000 |
| Roles per user | 50 |
| Permissions per user | 1000 |
| Permissions per role | 1000 |
Note that limitations on permissions per user affect those assigned directly. Technically, a user could have more permissions than noted if the permissions were assigned to different roles and then the roles were assigned to the user.
Refresh tokens are also subject to limitation. Refresh tokens have a limit of 200 valid tokens per user per application. If the limit is reached and a new refresh token is created, the system revokes or deletes the oldest token for that user in the application. Revoked tokens and expired tokens do not count against the limit.
| Token type | Per user / application |
|---|---|
| Refresh | 200 |
The Forms feature is subject to the following limits:
| Feature | Limit |
|---|---|
| Forms per tenant | 500 |
| Flows per tenant | 500 |
Enterprise subscription limits
| Entity | Maximum |
|---|---|
| API Resource Servers | 100,000 |
| Application credentials | 2,000 |
Self-service paid subscription limits
| Entity | Maximum |
|---|---|
| Applications | 100 |
| Connections | 100 |
| Rules | 10 |
| API Resource Servers | 100 |
Free subscription limits
Free tenants only support a maximum of two social connections.
| Entity | Maximum |
|---|---|
| Applications | 10 |
| Connections | 100 |
| Rules | 3 |
| API Resource Servers | 10 |
| Admins (including on Teams) | 3 |
Any use of the term "unlimited" means that there are no hard limits, but the threshold is subject to system limitations set by Okta. Please reach out to support if you have any questions on these limits.