> ## Documentation Index > Fetch the complete documentation index at: https://auth0.generaltranslation.app/llms.txt > Use this file to discover all available pages before exploring further. > Rate limits for the self service public subscription type # Self Service See below for the rate limit policies for the Self service subscription type.

API	Burst Request Limit	Sustained Request Limit
Authentication API	25	25/second

Endpoint	Method	Burst Request Limit	Sustained Request Limit	Limit Type
User Info	`GET`, `POST`	10	5/minute	To a unique User ID
Change Password Reset Password with Universal Login	`POST`	10	1/minute	From an IP Address to a unique Email Address
Get Passwordless Code or Link	`GET`, `POST`	50	50/hour	From an IP Address
Native Social Login (Apple / Facebook Only)	`POST`	50	500/minute	Any Request for Apple or Facebook Native Social Login
Dynamic Application (Client) Registration	`POST`	5	5/second	Any request
Universal Logout	`POST`	35	35/second	Any request
Pushed Authorization Requests (PAR)	`POST`	100	100/second	From an IP Address
Back-Channel authorize (CIBA)	`POST`	500	500/minute	From an IP Address
Device code activation (no prompt)	`POST`	30	6/second	From an IP Address
Device code authorization	`POST`	5	5/second	From an IP Address
MFA OOB token exchange	`POST`	12	12/minute	To a unique session

\*Represents the default limit. You can configure the Signup endpoint limit in Auth0 Dashboard. To learn more, read [Suspicious IP Throttling](/docs/secure/attack-protection/suspicious-ip-throttling).

Endpoint	Method	Burst Request Limit	Sustained Request Limit	Limit Type
Read Organizations	`GET`	5	50/minute	Any request
Read Organizations by ID	`GET`	20	200/minute	Any request
Read Organizations by Name	`GET`	10	100/minute	Any request
Write Organizations	`POST`, `PATCH`, `DELETE`	5	25/minute	Any request
Read Organization Members	`GET`	40	500/minute	Any request
Write Organization Members	`POST`, `DELETE`	20	200/minute	Any request
Read Members of an Organization	`GET`	20	200/minute	Any request
Read Organization Member Roles	`GET`	20	200/minute	Any request
Write Organization Member Roles	`POST`, `DELETE`	20	200/minute	Any request
Read Organization Connections	`GET`	5	50/minute	Any request
Write Organization Connections	`POST`, `PATCH`, `DELETE`	5	25/minute	Any request
Read Users	`GET`	40	500/minute	Any request
Write Users	`POST`, `PATCH`	20	200/minute	Any request
Write Users	`DELETE`	20	200/minute	Any request
Read Logs	`GET`	10	100/minute	Any request
Read Clients	`GET`	5	100/minute	Any request
Read Connections	`GET`	5	50/minute	Any request
Write Device Credentials	`POST`, `DELETE`	5	100/minute	Any request
Write Custom Domain	`POST`	5	5/minute	Any request
Read Status Connection	`GET`	100	15/second	Any request
Write Signing Keys	`POST`	5	5/day	Any request
Read Partials for a Prompt	`GET`	5	5/minute	Any request
Write Partials for a Prompt	`PUT`	5	5/minute	Any request
Read Clients Only applies to the usage of the `q` parameter.	`GET`	5	150/minute	Any request
Read Organization Client Grants	`GET`	10	100/minute	Any request
Write Organization Client Grants	`POST`	5	150/minute	Any request
Write email templates	`POST`, `PATCH`, `DELETE`	5	25/minute	Any request
Read email templates	`GET`	10	50/minute	Any request
Write email provider	`POST`, `PATCH`, `DELETE`	5	25/minute	Any request
Read email provider	`GET`	5	25/minute	Any request
All other Endpoints Combined	N/A	10	150/minute	Any request

Limit Type	Endpoint Path	Operation	Limit
Single SCIM connection endpoint	`/scim/v2/connections/{connection-id}`	Any request	25 requests per second
Global tenant limit for all SCIM connections	`/scim/v2/connections/*`	Any request	100 requests per second

Endpoint	Method	Burst Request Limit	Sustained Request Limit	Limit Type
Universal login prompts (global)	`GET`, `POST`	500	500/minute	From an IP Address
Universal login prompts (per prompt)	`GET`	20	10/minute	From an IP Address and state value.
Universal login prompts (per prompt)	`POST`	10	5/minute	From an IP Address
Password reset prompt	`GET`	500	500/minute	From an IP Address
MFA push enrollment prompt	`GET`, `POST`	500	500/minute	From an IP Address
MFA push challenge prompt	`GET`, `POST`	500	500/minute	From an IP Address
MFA SMS enrollment prompt	`GET`	20	10/minute	From an IP Address
MFA SMS enrollment prompt	`POST`	10	5/minute	From an IP Address
MFA SMS enrollment verify prompt	`GET`	20	10/minute	From an IP Address
MFA SMS enrollment verify prompt	`POST`	10	5/minute	From an IP Address
Passwordless SMS challenge prompt	`GET`, `POST`	5	5/minute	From an IP Address
Passwordless email challenge prompt	`GET`, `POST`	5	5/minute	From an IP Address
Phone verification enrollment prompt	`GET`, `POST`	5	5/minute	From an IP Address
Phone verification challenge prompt	`GET`, `POST`	5	5/minute	From an IP Address
Device code prompt	`GET`, `POST`	5	5/second	From an IP Address

Endpoint	Burst Request Limit	Sustained Request Limit	Limit Type	Limit
OTP (6 numeric digits) failures	10	10	per hour	To a unique User ID
Recovery code failures	10	10	per hour	To a unique User ID
Webauthn challenge failures	15	15	per minute	To a unique User ID
Webauthn challenge generated	15	15	per minute	To a unique User ID
Push notifications sent per user	5	5	per minute	To a unique User ID
SMS sent per user	10	1	per hour	To a unique User ID
Email sent per user	20	1	per minute	To a unique User ID