API rate limits for Identity Server
The Identity Service enforces rate limits on API requests to ensure consistent performance and availability for all customers. Rate limits are applied per organization and measured over a five-minute interval.
When you exceed a rate limit, the service returns HTTP 429 (Too Many Requests) responses. Plan your integration to stay within these limits to avoid request throttling.
Table 1. Rate limits
| HTTP method | Maximum requests per 5 minute per organization |
|---|---|
GET | 300 |
POST | 24.000 |
PUT | 160 |
PATCH | 160 |
DELETE | 160 |
note
All limits are evaluated in five-minute windows per organization.