Skip to main content
Entities in Auth0 are tenant configuration elements such as Applications, Connections, Organizations, API , Permissions, Roles, Actions.
Entity limits are hard limits on entities that are enforced for the health of our platform; they are not a component of pricing, though they can differ for groups of pricing plans. Individual pricing plans have separate limitations, which refer to the entitlements like MAU and Enterprise Connections you receive when you subscribe to a given plan. (To learn what your pricing plan limitations are, see Auth0 Pricing.)
Any use of the term “unlimited” means that there are no hard limits, but the threshold is subject to system limitations set by Okta. Please reach out to support if you have any questions on these limits.

Global Subscription Plan Limits

This section lists limits that apply to all subscription plans.

Organizations

EntityLimit
Organizations per Tenant100,000
Members per Organization100,000
Connections per Organization10
Role Assignments per Organization Member50
M2M Client Grants per Organization (Public Cloud)100
M2M Client Grants per Organization (Private Cloud)1000
Custom Token Exchange Profiles100
Customers on Enterprise plans can request increased entity limits for Organizations per tenant and Organization members per Organization by contacting support. These limits can be increased to 2,000,000 Organizations per tenant and 2,000,000 Organization members per Organization on public cloud. On private cloud instances, these entities are unlimited.

Authorization Core Role-Based Access Control (RBAC)

EntityLimit
Roles per Tenant1000
Scopes per API (Resource Servers)1000
Roles per User50
Permissions per User1000
Permissions per Role1000
Note that limitations on Permissions per user affect those assigned directly.Technically, a user could have more Permissions than noted if the Permissions were assigned to different Roles and then the Roles were assigned to the User.
EntityLimit
Refresh Token per User per Application200
If the limit is reached and a new Refresh Token is created, the system revokes or deletes the oldest token for that user in the Application.Revoked tokens and expired tokens do not count against the limit.

Actions

EntityLimit
Actions per Tenant100
Actions per Trigger per Tenant20
Actions Modules per Tenant100
Actions Modules per Action3
Versions per Action50
Versions per Action Module50
Secrets per Action30
Secrets per Action Module30
Dependencies (NPM Modules) per Action10
Dependencies (NPM Modules) per Action Module10
Actions and Actions Modules limits include both deployed and undeployed entities. When deleted, they no longer count toward the specific limit.Actions Versions limits include both draft and active. Once the limit is reached, every additional version that is added will result in the oldest version being deleted.

Forms

EntityLimit
Forms per Tenant500
Flows per Tenant500

Subscription Plan

Enterprise

EntityLimit
API (Resource Servers)100,000
Applications100,000
Client Grants100,000
Application Credentials2,000

Self-service

EntityLimit
Applications100
Client Grants10,000
Connections100
Rules10
API (Resource Servers)100

Free

Free tenants only support a maximum of two social connections.
EntityLimit
Applications10
Client Grants100
Connections100
Rules3
API (Resource Servers)10
Admins (including on Teams)3