Project Rate Limits
Ory Network currently enforces three rate limit policies based on the path of your request.
/sessions/whoami: A dedicated rate limit policy for all calls to the/sessions/whoamiendpoint to keep these separate from all other calls./identities: A dedicated rate limit policiy for all calls to the/identitiesendpoint to throttle the number of requests to this endpoint.*: All other calls a managed by this rate limit policy.
Each policy defines two rate limits:
burst: a per second rate limit of requests to allow for some requests spikes for a short period of timesustained: a rate limit of requests for a 1 minute time window
The following table shows the limits of the three rate-limit policies for each subscription plan tier:
| Subscription Plan | Path / Bucket | Rate Limits (burst/sustained) |
|---|---|---|
| Develop | /sessions/whoami: /identities: *: | 15 rps / 450 rpm 1 rps / 10 rpm 15 rps / 450 rpm |
| Essentials | /sessions/whoami: /identities: *: | 80 rps / 1800 rpm 10 rps / 300 rpm 40 rps / 900 rpm |
| Scale | /sessions/whoami: /identities: *: | 800 rps / 18000 rpm 20 rps / 600 rpm 400 rps / 9000 rpm |