← Back to Index

Complete Rate Limit Configuration

Generated from endpoint-bucket-mapping.csv, threshold-v3.csv, and values.yaml

About This Document

This document provides a comprehensive view of all API endpoints and their rate limits across different subscription tiers and deployment environments.

Structure: - Tiers: Subscription plans (Develop, Production, Growth, Enterprise) - Services: API services (Kratos, Hydra, Keto, Polis, etc.) - Environments: Deployment environments (prod, stage, dev)

Rate Limit Format: - Format: {sustained} rpm / {burst} rps - Sustained: Maximum requests per minute (rpm) - Burst: Maximum requests per second (rps) - N/A: Burst value not configured (using legacy rate limit)

Table Organization: - Endpoints are grouped by rate limit bucket - Multiple HTTP methods for the same path are shown in parentheses - Bucket name appears only once per group

Develop Tier

Kratos

Bucket Endpoint Production Staging Develop
kratos-admin-low /admin/identities/{id} (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-low /self-service/errors (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/fed-cm/parameters (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/login (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/login/flows (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/logout (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/methods/oidc/callback (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/recovery (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/recovery/flows (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/registration (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/registration/flows (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/settings (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/settings/flows (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/verification (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/verification/flows (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
/sessions/whoami (GET) 200 rpm / 7 rps 200 rpm / 7 rps 200 rpm / 7 rps
kratos-admin-medium /admin/courier/messages/{id} (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/by/external/{externalID} (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/{id}/sessions (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/sessions (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas/{id} (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups/{id} (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas/{id} (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/ServiceProviderConfig (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users/{id} (GET) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
kratos-public-medium /self-service/login/api (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/login/browser (GET, POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/logout/api (DELETE) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/logout/browser (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/oidc/callback/{provider_id} (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/oidc/organizations/{organization_id} (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/saml/callback/{provider_id} (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/saml/organizations/{organization_id} (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/recovery/api (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/recovery/browser (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/registration/api (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/registration/browser (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/settings/api (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/settings/browser (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/verification/api (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/verification/browser (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/sessions (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/sessions/token-exchange (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-admin-high /admin/courier/messages (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities (PATCH, POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id} (DELETE, PATCH, PUT) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id}/credentials/{type} (DELETE) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id}/sessions (DELETE) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/recovery/code (POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/recovery/link (POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (DELETE) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id}/extend (PATCH) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Groups (POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Groups/{id} (DELETE, PATCH, PUT) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Users (POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Users/{id} (DELETE, PATCH, PUT) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-high /self-service/fed-cm/token (POST) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/login (POST) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/recovery (POST) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/registration (POST) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/settings (POST) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/verification (POST) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/sessions (DELETE) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps
/sessions/{id} (DELETE) 50 rpm / 2 rps 50 rpm / 2 rps 50 rpm / 2 rps

Hydra

Bucket Endpoint Production Staging Develop
hydra-admin-low /admin/clients/{id} (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent/accept (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent/reject (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/device/accept (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login/accept (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login/reject (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout/accept (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout/reject (PUT) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/sessions/consent (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/introspect (POST) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/device/verify (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/register/{id} (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
hydra-public-low /.well-known/jwks.json (GET) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/openid-configuration (GET) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/ory/webauthn.js (GET) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/consent (GET) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/device/auth (POST) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/fallbacks/logout/callback (GET) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
hydra-admin-medium /admin/clients (GET) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (GET) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (GET) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (GET) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (GET) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/credentials (POST) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-medium /oauth2/auth (GET, POST) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/revoke (POST) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/sessions/logout (GET, POST) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/token (POST) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/userinfo (GET) 40 rpm / N/A 40 rpm / N/A 40 rpm / N/A
hydra-admin-high /admin/clients (POST) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id} (DELETE, PATCH, PUT) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id}/lifespans (PUT) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (DELETE, POST, PUT) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (DELETE, PUT) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/consent (DELETE) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/login (DELETE) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/tokens (DELETE) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (POST) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (DELETE) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-high /oauth2/register (POST) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps
/oauth2/register/{id} (DELETE, PUT) 20 rpm / 2 rps 20 rpm / 2 rps 20 rpm / 2 rps

Keto

Bucket Endpoint Production Staging Develop
keto-public-low /ory.keto.relation_tuples.v1alpha2.CheckService/BatchCheck (POST) 120 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/ory.keto.relation_tuples.v1alpha2.CheckService/Check (POST) 120 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/batch/check (POST) 120 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check (GET, POST) 120 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check/openapi (GET, POST) 120 rpm / N/A 120 rpm / N/A 120 rpm / N/A
keto-admin-medium /opl/syntax/check (POST) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples/expand (GET) 100 rpm / 5 rps 100 rpm / 5 rps 100 rpm / 5 rps
keto-admin-high /admin/relation-tuples (DELETE, PATCH, PUT) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/namespaces (GET) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps
/ory.keto.relation_tuples.v1alpha2.WriteService/TransactRelationTuples (POST) 60 rpm / 3 rps 60 rpm / 3 rps 60 rpm / 3 rps

Production Tier

Kratos

Bucket Endpoint Production Staging Develop
kratos-admin-low /admin/identities/{id} (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-low /self-service/errors (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/fed-cm/parameters (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/login (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/login/flows (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/logout (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/methods/oidc/callback (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/recovery (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/recovery/flows (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/registration (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/registration/flows (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/settings (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/settings/flows (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/verification (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/verification/flows (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
/sessions/whoami (GET) 2400 rpm / 60 rps 200 rpm / 7 rps 200 rpm / 7 rps
kratos-admin-medium /admin/courier/messages/{id} (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/by/external/{externalID} (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/{id}/sessions (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/sessions (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas/{id} (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups/{id} (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas/{id} (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/ServiceProviderConfig (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users/{id} (GET) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
kratos-public-medium /self-service/login/api (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/login/browser (GET, POST) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/logout/api (DELETE) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/logout/browser (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/oidc/callback/{provider_id} (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/oidc/organizations/{organization_id} (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/saml/callback/{provider_id} (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/saml/organizations/{organization_id} (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/recovery/api (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/recovery/browser (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/registration/api (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/registration/browser (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/settings/api (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/settings/browser (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/verification/api (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/verification/browser (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/sessions (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/sessions/token-exchange (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-admin-high /admin/courier/messages (GET) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities (PATCH, POST) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id} (DELETE, PATCH, PUT) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id}/credentials/{type} (DELETE) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id}/sessions (DELETE) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/recovery/code (POST) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/recovery/link (POST) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (DELETE) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id}/extend (PATCH) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Groups (POST) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Groups/{id} (DELETE, PATCH, PUT) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Users (POST) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Users/{id} (DELETE, PATCH, PUT) 400 rpm / 13 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-high /self-service/fed-cm/token (POST) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/login (POST) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/recovery (POST) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/registration (POST) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/settings (POST) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/verification (POST) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/sessions (DELETE) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps
/sessions/{id} (DELETE) 200 rpm / 7 rps 50 rpm / 2 rps 50 rpm / 2 rps

Hydra

Bucket Endpoint Production Staging Develop
hydra-admin-low /admin/clients/{id} (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent/accept (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent/reject (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/device/accept (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login/accept (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login/reject (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout/accept (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout/reject (PUT) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/sessions/consent (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/introspect (POST) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/device/verify (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/register/{id} (GET) 480 rpm / N/A 40 rpm / N/A 40 rpm / N/A
hydra-public-low /.well-known/jwks.json (GET) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/openid-configuration (GET) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/ory/webauthn.js (GET) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/consent (GET) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/device/auth (POST) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/fallbacks/logout/callback (GET) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
hydra-admin-medium /admin/clients (GET) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (GET) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (GET) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (GET) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (GET) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/credentials (POST) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-medium /oauth2/auth (GET, POST) 320 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/revoke (POST) 320 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/sessions/logout (GET, POST) 320 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/token (POST) 320 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/userinfo (GET) 320 rpm / N/A 40 rpm / N/A 40 rpm / N/A
hydra-admin-high /admin/clients (POST) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id} (DELETE, PATCH, PUT) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id}/lifespans (PUT) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (DELETE, POST, PUT) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (DELETE, PUT) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/consent (DELETE) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/login (DELETE) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/tokens (DELETE) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (POST) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (DELETE) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-high /oauth2/register (POST) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps
/oauth2/register/{id} (DELETE, PUT) 80 rpm / 4 rps 20 rpm / 2 rps 20 rpm / 2 rps

Keto

Bucket Endpoint Production Staging Develop
keto-public-low /ory.keto.relation_tuples.v1alpha2.CheckService/BatchCheck (POST) 1440 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/ory.keto.relation_tuples.v1alpha2.CheckService/Check (POST) 1440 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/batch/check (POST) 1440 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check (GET, POST) 1440 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check/openapi (GET, POST) 1440 rpm / N/A 120 rpm / N/A 120 rpm / N/A
keto-admin-medium /opl/syntax/check (POST) 500 rpm / 17 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples (GET) 500 rpm / 17 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples/expand (GET) 500 rpm / 17 rps 100 rpm / 5 rps 100 rpm / 5 rps
keto-admin-high /admin/relation-tuples (DELETE, PATCH, PUT) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/namespaces (GET) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/ory.keto.relation_tuples.v1alpha2.WriteService/TransactRelationTuples (POST) 240 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps

Growth Tier

Kratos

Bucket Endpoint Production Staging Develop
kratos-admin-low /admin/identities/{id} (GET) 1200 rpm / 30 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (GET) 1200 rpm / 30 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-low /self-service/errors (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/fed-cm/parameters (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/login (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/login/flows (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/logout (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/methods/oidc/callback (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/recovery (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/recovery/flows (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/registration (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/registration/flows (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/settings (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/settings/flows (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/verification (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/verification/flows (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
/sessions/whoami (GET) 20000 rpm / 400 rps 400 rpm / 13 rps 400 rpm / 13 rps
kratos-admin-medium /admin/courier/messages/{id} (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/by/external/{externalID} (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/{id}/sessions (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/sessions (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas/{id} (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups/{id} (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas/{id} (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/ServiceProviderConfig (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users/{id} (GET) 1000 rpm / 25 rps 50 rpm / 2 rps 50 rpm / 2 rps
kratos-public-medium /self-service/login/api (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/login/browser (GET, POST) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/logout/api (DELETE) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/logout/browser (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/methods/oidc/callback/{provider_id} (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/methods/oidc/organizations/{organization_id} (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/methods/saml/callback/{provider_id} (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/methods/saml/organizations/{organization_id} (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/recovery/api (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/recovery/browser (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/registration/api (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/registration/browser (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/settings/api (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/settings/browser (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/verification/api (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/self-service/verification/browser (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/sessions (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
/sessions/token-exchange (GET) 4500 rpm / 112 rps 200 rpm / 7 rps 200 rpm / 7 rps
kratos-admin-high /admin/courier/messages (GET) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/identities (PATCH, POST) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/identities/{id} (DELETE, PATCH, PUT) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/identities/{id}/credentials/{type} (DELETE) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/identities/{id}/sessions (DELETE) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/recovery/code (POST) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/recovery/link (POST) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/sessions/{id} (DELETE) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/admin/sessions/{id}/extend (PATCH) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/scim/{client}/v2/Groups (POST) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/scim/{client}/v2/Groups/{id} (DELETE, PATCH, PUT) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/scim/{client}/v2/Users (POST) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
/scim/{client}/v2/Users/{id} (DELETE, PATCH, PUT) 3500 rpm / 88 rps 150 rpm / 8 rps 150 rpm / 8 rps
kratos-public-high /self-service/fed-cm/token (POST) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/self-service/login (POST) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/self-service/recovery (POST) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/self-service/registration (POST) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/self-service/settings (POST) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/self-service/verification (POST) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/sessions (DELETE) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A
/sessions/{id} (DELETE) 1200 rpm / 30 rps 40 rpm / N/A 40 rpm / N/A

Hydra

Bucket Endpoint Production Staging Develop
hydra-admin-low /admin/clients/{id} (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent/accept (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/consent/reject (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/device/accept (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login/accept (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/login/reject (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout/accept (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/requests/logout/reject (PUT) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/auth/sessions/consent (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/admin/oauth2/introspect (POST) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/oauth2/device/verify (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
/oauth2/register/{id} (GET) 2400 rpm / 60 rps 40 rpm / N/A 40 rpm / N/A
hydra-public-low /.well-known/jwks.json (GET) 720 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/openid-configuration (GET) 720 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/ory/webauthn.js (GET) 720 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/consent (GET) 720 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/device/auth (POST) 720 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/fallbacks/logout/callback (GET) 720 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
hydra-admin-medium /admin/clients (GET) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (GET) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (GET) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (GET) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (GET) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/credentials (POST) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-medium /oauth2/auth (GET, POST) 960 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/revoke (POST) 960 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/sessions/logout (GET, POST) 960 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/oauth2/token (POST) 960 rpm / N/A 40 rpm / N/A 40 rpm / N/A
/userinfo (GET) 960 rpm / N/A 40 rpm / N/A 40 rpm / N/A
hydra-admin-high /admin/clients (POST) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id} (DELETE, PATCH, PUT) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id}/lifespans (PUT) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (DELETE, POST, PUT) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (DELETE, PUT) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/consent (DELETE) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/login (DELETE) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/tokens (DELETE) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (POST) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (DELETE) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-high /oauth2/register (POST) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/oauth2/register/{id} (DELETE, PUT) 160 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps

Keto

Bucket Endpoint Production Staging Develop
keto-public-low /ory.keto.relation_tuples.v1alpha2.CheckService/BatchCheck (POST) 8640 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/ory.keto.relation_tuples.v1alpha2.CheckService/Check (POST) 8640 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/batch/check (POST) 8640 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check (GET, POST) 8640 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check/openapi (GET, POST) 8640 rpm / N/A 120 rpm / N/A 120 rpm / N/A
keto-admin-medium /opl/syntax/check (POST) 1000 rpm / 25 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples (GET) 1000 rpm / 25 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples/expand (GET) 1000 rpm / 25 rps 100 rpm / 5 rps 100 rpm / 5 rps
keto-admin-high /admin/relation-tuples (DELETE, PATCH, PUT) 480 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/namespaces (GET) 480 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/ory.keto.relation_tuples.v1alpha2.WriteService/TransactRelationTuples (POST) 480 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps

Enterprise Tier

Kratos

Bucket Endpoint Production Staging Develop
kratos-admin-low /admin/identities/{id} (GET) 6000 rpm / 150 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (GET) 6000 rpm / 150 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-low /self-service/errors (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/fed-cm/parameters (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/login (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/login/flows (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/logout (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/methods/oidc/callback (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/recovery (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/recovery/flows (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/registration (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/registration/flows (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/settings (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/settings/flows (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/verification (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/self-service/verification/flows (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
/sessions/whoami (GET) 36000 rpm / 720 rps 400 rpm / 13 rps 400 rpm / 13 rps
kratos-admin-medium /admin/courier/messages/{id} (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/by/external/{externalID} (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/identities/{id}/sessions (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/admin/sessions (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/schemas/{id} (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Groups/{id} (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Schemas/{id} (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/ServiceProviderConfig (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
/scim/{client}/v2/Users/{id} (GET) 800 rpm / 20 rps 50 rpm / 2 rps 50 rpm / 2 rps
kratos-public-medium /self-service/login/api (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/login/browser (GET, POST) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/logout/api (DELETE) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/logout/browser (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/oidc/callback/{provider_id} (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/oidc/organizations/{organization_id} (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/saml/callback/{provider_id} (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/methods/saml/organizations/{organization_id} (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/recovery/api (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/recovery/browser (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/registration/api (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/registration/browser (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/settings/api (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/settings/browser (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/verification/api (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/self-service/verification/browser (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/sessions (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
/sessions/token-exchange (GET) 1600 rpm / 40 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-admin-high /admin/courier/messages (GET) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities (PATCH, POST) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id} (DELETE, PATCH, PUT) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id}/credentials/{type} (DELETE) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/identities/{id}/sessions (DELETE) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/recovery/code (POST) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/recovery/link (POST) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id} (DELETE) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/sessions/{id}/extend (PATCH) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Groups (POST) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Groups/{id} (DELETE, PATCH, PUT) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Users (POST) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
/scim/{client}/v2/Users/{id} (DELETE, PATCH, PUT) 2400 rpm / 60 rps 100 rpm / 5 rps 100 rpm / 5 rps
kratos-public-high /self-service/fed-cm/token (POST) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/login (POST) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/recovery (POST) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/registration (POST) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/settings (POST) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/self-service/verification (POST) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/sessions (DELETE) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps
/sessions/{id} (DELETE) 1200 rpm / 30 rps 50 rpm / 2 rps 50 rpm / 2 rps

Hydra

Bucket Endpoint Production Staging Develop
hydra-admin-low /admin/clients/{id} (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/consent (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/consent/accept (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/consent/reject (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/device/accept (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/login (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/login/accept (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/login/reject (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/logout (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/logout/accept (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/requests/logout/reject (PUT) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/auth/sessions/consent (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/admin/oauth2/introspect (POST) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/oauth2/device/verify (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
/oauth2/register/{id} (GET) 18000 rpm / 360 rps 100 rpm / 5 rps 100 rpm / 5 rps
hydra-public-low /.well-known/jwks.json (GET) 1440 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/openid-configuration (GET) 1440 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/.well-known/ory/webauthn.js (GET) 1440 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/consent (GET) 1440 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/device/auth (POST) 1440 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/oauth2/fallbacks/logout/callback (GET) 1440 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
hydra-admin-medium /admin/clients (GET) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (GET) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (GET) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (GET) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (GET) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/credentials (POST) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-medium /oauth2/auth (GET, POST) 3600 rpm / N/A 150 rpm / 8 rps 150 rpm / 8 rps
/oauth2/revoke (POST) 3600 rpm / N/A 150 rpm / 8 rps 150 rpm / 8 rps
/oauth2/sessions/logout (GET, POST) 3600 rpm / N/A 150 rpm / 8 rps 150 rpm / 8 rps
/oauth2/token (POST) 3600 rpm / N/A 150 rpm / 8 rps 150 rpm / 8 rps
/userinfo (GET) 3600 rpm / N/A 150 rpm / 8 rps 150 rpm / 8 rps
hydra-admin-high /admin/clients (POST) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id} (DELETE, PATCH, PUT) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/clients/{id}/lifespans (PUT) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set} (DELETE, POST, PUT) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/keys/{set}/{kid} (DELETE, PUT) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/consent (DELETE) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/auth/sessions/login (DELETE) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/oauth2/tokens (DELETE) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers (POST) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/admin/trust/grants/jwt-bearer/issuers/{id} (DELETE) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
hydra-public-high /oauth2/register (POST) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps
/oauth2/register/{id} (DELETE, PUT) 320 rpm / N/A 20 rpm / 2 rps 20 rpm / 2 rps

Keto

Bucket Endpoint Production Staging Develop
keto-public-low /ory.keto.relation_tuples.v1alpha2.CheckService/BatchCheck (POST) 17280 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/ory.keto.relation_tuples.v1alpha2.CheckService/Check (POST) 17280 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/batch/check (POST) 17280 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check (GET, POST) 17280 rpm / N/A 120 rpm / N/A 120 rpm / N/A
/relation-tuples/check/openapi (GET, POST) 17280 rpm / N/A 120 rpm / N/A 120 rpm / N/A
keto-admin-medium /opl/syntax/check (POST) 2000 rpm / 50 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples (GET) 2000 rpm / 50 rps 100 rpm / 5 rps 100 rpm / 5 rps
/relation-tuples/expand (GET) 2000 rpm / 50 rps 100 rpm / 5 rps 100 rpm / 5 rps
keto-admin-high /admin/relation-tuples (DELETE, PATCH, PUT) 960 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/namespaces (GET) 960 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps
/ory.keto.relation_tuples.v1alpha2.WriteService/TransactRelationTuples (POST) 960 rpm / N/A 60 rpm / 3 rps 60 rpm / 3 rps