> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

> Describes Auth0's tenant entity limit policy for subscribers.

# Entity Limit Policy

Entities in Auth0 are tenant configuration elements such as Applications, Connections, Organizations, API <Tooltip tip="Resource Server: Server hosting protected resources. Resource servers accept and respond to protected resource requests." cta="View Glossary" href="/docs/glossary?term=resource+servers">resource servers</Tooltip>, Permissions, Roles, Actions.

<Warning>
  Entity limits are hard limits on entities that are enforced for the health of our platform; they are not a component of pricing, though they can differ for groups of pricing plans. Individual pricing plans have separate limitations, which refer to the entitlements like MAU and Enterprise Connections you receive when you subscribe to a given plan. (To learn what your pricing plan limitations are, see [Auth0 Pricing](https://auth0.com/pricing/).)
</Warning>

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  Any use of the term "unlimited" means that there are no hard limits, but Okta sets system limitations on the threshold. Please reach out to support if you have any questions on these limits.
</Callout>

## Global Subscription Plan Limits

This section lists limits that apply to all subscription plans.

### Organizations

| Entity                                                 | Limit   |
| ------------------------------------------------------ | ------- |
| Organizations per Tenant                               | 100,000 |
| Members per Organization                               | 100,000 |
| Connections per Organization                           | 10      |
| Role Assignments per Organization Member               | 50      |
| Role Assignments per Enterprise Group                  | 10      |
| Unique Roles that can be assigned to Enterprise Groups | 100     |
| Enterprise Groups that can be assigned Roles           | 10,000  |
| M2M Client Grants per Organization (Public Cloud)      | 100     |
| M2M Client Grants per Organization (Private Cloud)     | 1000    |
| Custom Token Exchange Profiles                         | 100     |

Customers on Enterprise plans can request increased entity limits for Organizations per tenant and Organization members per Organization by [contacting support](https://support.auth0.com/).

These limits can be increased to 2,000,000 Organizations per tenant and 2,000,000 Organization members per Organization on public cloud. On private cloud instances, these entities are unlimited.

### Enterprise Groups

| Entity                           | Limit   |
| -------------------------------- | ------- |
| Enterprise Groups per Connection | 10,000  |
| Members per Enterprise Group     | 200,000 |
| Members in SCIM POST operations  | 10,000  |
| Members in SCIM PUT operations   | 10,000  |
| Members in SCIM PATCH operations | 1,000   |

### Authorization Core Role-Based Access Control (RBAC)

| Entity                                                 | Limit  |
| ------------------------------------------------------ | ------ |
| Roles per Tenant                                       | 1000   |
| Scopes per API (Resource Servers)                      | 1000   |
| Roles per User                                         | 50     |
| Roles per Enterprise Group                             | 10     |
| Unique Roles that can be assigned to Enterprise Groups | 100    |
| Enterprise Groups that can be assigned Roles           | 10,000 |
| Permissions per User                                   | 1000   |
| Permissions per Role                                   | 1000   |

The Enterprise Group and Role limits above apply to using RBAC without the Organizations feature. Usage of the Organizations feature enables these limits to be applied per Organization instead of per Tenant.

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  Note that limitations on Permissions per user affect directly assigned Permissions.

  Technically, a user could have more Permissions than noted if you assign the Permissions to different Roles and then assign the Roles to the User.
</Callout>

| Entity                                 | Limit |
| -------------------------------------- | ----- |
| Refresh Token per User per Application | 200   |

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  If you reach the <Tooltip tip="Refresh Token: Token used to obtain a renewed Access Token without forcing users to log in again." cta="View Glossary" href="/docs/glossary?term=Refresh+tokens">Refresh Tokens</Tooltip> limit and create a new Refresh Token,
  the system revokes or deletes the oldest token for that user in the
  Application.

  Revoked tokens and expired tokens do not count against the limit.
</Callout>

### Actions

| Entity                                       | Limit |
| -------------------------------------------- | ----- |
| Actions per Tenant                           | 100   |
| Actions per Trigger per Tenant               | 20    |
| Actions Modules per Tenant                   | 100   |
| Actions Modules per Action                   | 3     |
| Versions per Action                          | 50    |
| Versions per Action Module                   | 50    |
| Secrets per Action                           | 30    |
| Secrets per Action Module                    | 30    |
| Dependencies (NPM Modules) per Action        | 10    |
| Dependencies (NPM Modules) per Action Module | 10    |

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  Actions and Actions Modules limits include both deployed and undeployed entities. When you delete them, they no longer count toward the specific limit.

  Action Versions and Action Module Versions limits include both draft and active. Once you reach the limit, adding every additional version results in Auth0 deleting the oldest unused version.
</Callout>

### Forms

| Entity           | Limit |
| ---------------- | ----- |
| Forms per Tenant | 500   |
| Flows per Tenant | 500   |

## Subscription Plan

### Enterprise

| Entity                       | Maximum |
| ---------------------------- | ------- |
| API Resource Servers         | 100,000 |
| Applications                 | 100,000 |
| Client Grants                | 100,000 |
| Application Credentials      | 2,000   |
| Concurrent CIBA Transactions | 5,000   |
| Self-Service SSO Profiles    | 20      |

### Self-service

| Entity                       | Maximum |
| ---------------------------- | ------- |
| Applications                 | 100     |
| Client Grants                | 10,000  |
| Connections                  | 100     |
| Rules                        | 10      |
| API Resource Servers         | 100     |
| Concurrent CIBA Transactions | 5,000   |

### Free

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  Free tenants only support a maximum of two social connections.
</Callout>

| Entity                           | Limit |
| -------------------------------- | ----- |
| Applications                     | 10    |
| Client Grants                    | 100   |
| Connections                      | 100   |
| Rules                            | 3     |
| API (Resource Servers)           | 10    |
| Admins (including on Teams)      | 3     |
| Enterprise Groups per Connection | 10    |
| Members per Enterprise Group     | 1000  |