Rate limits
# Rate limits
Asgardeo endpoints are subjected to rate limits to maintain smooth and reliable processing of requests, preventing system failures and slowdowns. These rate limits are applied globally across all tiers of Asgardeo subscriptions.
Rate limits are calculated on a per IP address basis. For example, if the rate limit for an endpoint is 200, it means that the maximum number of requests you can make to this endpoint from a single IP address is 200 per minute.
Exceeding the rate limit results in a 429 Too Many Requests error code (opens new window).
Listed below are the endpoints and the rate limits that apply to each endpoint.
| Endpoint | Rate limit per IP (per minute) |
|---|---|
| /api/identity/recovery/ | 200 |
| /me/ | 200 |
| /scim2/Me | 200 |
| /api/users/ | 200 |
| /scim2/ | 200 |
| /api/asgardeo-associate/ | 200 |
| /api/asgardeo-guest/ | 200 |
| /api/cloud/ | 200 |
| /api/identity/ | 200 |
| /api/server/ | 200 |
| /.well-known/ | 200 |
| /api/identity/auth/ | 200 |
| /identity/extend-session | 200 |
| /logincontext | 200 |
| /oauth2/token | 200 |
| /oauth2/ | 200 |
| /oidc/ | 200 |
| /samlartresolve | 200 |
| /samlsso | 200 |
| /acs | 200 |
| /authenticationendpoint | 200 |
| /accountrecoveryendpoint | 200 |
| /commonauth | 200 |
| /emailotpauthenticationendpoint | 200 |
| /smsotpauthenticationendpoint | 200 |
| /totpauthenticationendpoint | 200 |