API Rate Limits Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Average Rating:
API Rate Limits
Published: Jan 11, 2017   -   Updated: Sep 19, 2017

API Rate Limits

API rate limits are documented in Okta API Rate Limiting. Please update your bookmarks before October 15, 2017, as this article will be removed on October 15.

Post a Comment


  • Okta Admin on August 2, 2017

    The link "Okta API Rate Limiting" does not work.

  • Joel Geyer on July 17, 2017

    Please consider clarifying these additional relevant and important points for customers:

    1) Is EVERY call to a customer's tenant logged and made available through the customer's system log (UI & API) feature?  
    If no, then please provide all exceptions e.g. not though the UI; only success calls; not calls made by outside systems;  not calls to certain paths;  calls without a valid token etc.
    2) Is the data in the system log, made available to customers, the same or accurate reproduction of  the entire data set that Okta uses to:  a) meter API limits b) provided to Okta support for analysis of rate limit issues?  
    (see more)
  • Joel Geyer on July 17, 2017

    Which official documentation is correct?  This article or https://help.okta.com/en/prev/Content/Topics/Security/API.htm#api_rate_limiting

    This article does not have a deprecation notice and updated recently mid June.   Yet it conflicts with the very documentation it references for more detail.

    The "For more information link" navigates to a deprecated knowledge article.  Which then provides a link to the latest information:  https://help.okta.com/en/prev/Content/Topics/Security/API.htm#api_rate_limiting 

    The latest security documentation,  a) has different limits listed than this article -- e.g. "/api/v1/" 1,000 vs. 1,200.   The security documentation has nothing to say about the "exact URL" only concept.   The API security article has more paths and doesn't call out the same subpaths.