Entity Limit Policy

Effective Date: 19 May 2020

This policy is effective for all tenants with Self-Service subscriptions made on or after 19 May 2020. Starting on 18 June 2020, the policy will apply to all tenants with Self-Service subscriptions, including but not limited to paid and free subscriptions.

Entities in Auth0 are tenant configuration elements such as applications, connections, rules, and API resource servers.

Entity limits are hard limits on entities that are enforced for the health of our platform; they are not a component of pricing, though they can differ for groups of pricing plans. Individual pricing plans have separate limitations, which refer to the entitlements you receive when you subscribe to a given plan. (To learn what your pricing plan limitations are, see Auth0 Pricing.)

For example, if the platform for the group of pricing plans in which your subscription is included had an entity limit of 10 rules. If you were subscribed to a pricing plan with a limit of 5 rules, and you needed to write 6 rules, the platform would allow you to write a 6th rule but would request that you upgrade your pricing plan. Conversely, if you were subscribed to a pricing plan with 10 rules, the platform itself would prevent you from creating an 11th rule.

Auth0 provides notifications to you when you are approaching (80%) and when you have reached your respective entity limits (100% or higher). We will also provide messages to prevent you from attempting to configure entities that would be rejected because they would put you over the platform limit. Here is an example of a message you would see if you reached your connection limit for the platform:

Entity Limit Policy Entity Limit Reached Screen

Entity counts may take a few seconds to update. If you see a warning that you believe is in error, try again after a few seconds, or contact support if the issue persists.

Entity	Maximum
Organizations per tenant	100,000
Members per organization	100,000
Connections per organization	10
Role assignments per organization member	50

Entity	Maximum
Applications	100
Connections	100
Rules	10
API Resource Servers	100

The Authorization Core Role-Based Access Control (RBAC) feature set is subject to the following limits:

Feature	Limit
Roles per tenant	1000
Scopes per API	1000
Roles per user	50
Permissions per user	1000
Permissions per role	1000

Note that limitations on permissions per user affect those assigned directly. Technically, a user could have more permissions than noted if the permissions were assigned to different roles and then the roles were assigned to the user.

Entity	Maximum
Applications	10
Connections	10
Rules	3
API Resource Servers	10

Docs