Access Token Limit per Client Credential

Hi,

As per the Documentation Org Limits the token.creation.rate.per.minute is 300.

Does this mean we can have 300 access tokens per credential?

If not, what is the max limit on the number of access tokens that can be created per client credentials?

Will the API rate limit apply as a whole to the client credential, or will it be applied per access token?

Thanks

Hi Deva,

Basically you have 300 API calls per minute per OAuth with a maximum of 10 OAuth client credential grants allowed. You can request through our Customer care site to set up a single OAuth Client with 3000 API calls per minute, but we never allow more than 3000 API calls per minute across all of your OAuth clients.

Our rate limits are meant to be hygienic and warn you that you are doing something wrong with the APIs. Many times developers inadvertently try to poll our APIs to retrieve data instead of using our notification service or AWS EventBridge integration to receive an event stream of messages.

For further information on all of these topics, I suggest you take a look at the integration video I did last year that walks through all of this. Here is the video.

Thanks for the Information :slightly_smiling_face:

Hi John. I could not find that

in the docs. Only this one, but it says it is 100, not 10:

Also, you say that

But, as far as I understand, the docs say that that limit is per token, and not per client:

Because of that, I thought the limit was 90,000 requests per client (300 requests/token * 300 tokens/client). You might clarify it in the docs, as per this topic, it looks like I was not the only one with doubts about it.

Hi Adrian,

Generally, when I talk to people about OAuth clients I keep it at a client credential level. It is really at a token level, but the reality is that you can have no more than 10 tokens with 300 requests per token. The reason I keep it at a credential level is that when I do get down to the token level, I have seen devs get clever and see if they can bypass our limits by getting more than 10 tokens (and they still run into problems.)

You can have a maximum of 100 client credential grants, but even then you can only have 300 requests per token, so if you stick to 1 token = 1 client and keep it simple you can do no more than 3000 requests total.

Thanks,
John Carnell
Director, Developer Engagement

Oh, thank you John. One more question: Does this only apply to Client Credentials grant type? How does that 3000 requests limit affect the user-scoped grant types?

Hi Adrian,

Let me get back to you on that. I think there is a limit on user-scoped grant types, but I want to make sure I have the number before I give it to you.

Thanks,
John Carnell
Director, Developer Engagement

Hello John. Did you check this? Thank you

Hi Adrian,

I just checked with our public API team. It is still 300 requests per token even for a user-based token. Sorry for the delay.

Thanks,
John Carnell
Director, Developer Engagement

Hello @John_Carnell

Sorry, but I was asking if that 3,000 requests limit was across all OAuth Clients, or if it was only across the Client Credential ones.

Please, correct me if/where I'm wrong:

  • Number of requests / token : 300 per minute
  • Number of new tokens / OAuth Client : 300 per minute
  • Either:
    • Number of requests across all Client Credential OAuth Clients: 3,000 per minute
    • Number of requests across all User-Scoped OAuth Clients: ???
  • Or:
    • Number of requests across all OAuth Clients: 3,000 per minute

Also, I suppose that when you said that

you did it so 10 tokens * 300 requests per token = 3,000. But as long as the total number of 3,000 requests was not exceeded, it would be possible to have more than 10 tokens at the same time, right? For example, having 200 tokens making 15 requests each. Am I right?

Again, I'm sorry, this is quite confusing to me :sweat_smile:
