OKTA-903113 - Minor updates to rate limit docs #5403

Expand Up @@ -12,19 +12,20 @@ This page provides the API rate limits for authentication and end user activitie
> * In addition to the rate limit per API, Okta implements limits on concurrent requests, Okta-generated emails, end user requests, and home page endpoints. These limits are described on the [Additional limits](/docs/reference/rl-additional-limits/) page.
> * [DynamicScale rate limits](/docs/reference/rl-dynamic-scale/) apply to various endpoints across different APIs for customers who purchased this add-on. (The DynamicScale add-on service is only available to Customer Identity Solutions (CIS) customers.)
> * You can expand Okta rate limits upon request. To learn how, see [Request exceptions](/docs/reference/rl-best-practices/#request-rate-limit-exceptions) and [DynamicScale rate limits](/docs/reference/rl-dynamic-scale/).
> * API endpoints that end with an asterisk (for example, `/oauth2/v1*`) refer to calls that use that base schema and don't match a specific endpoint.
>

See the following list of per-minute limits. If an endpoint isn't in this list, you can review it using the Admin Console, in the rate limit dashboard's APIs table. See [APIs table](/docs/reference/rl-dashboard/#apis-table).

| Action and Okta API endpoint | Developer (free) | Developer (paid) | One App | Enterprise | Workforce identity |
| ---------------------------------------------------------------------------------------------------------------------- | ----------------: | ----------------: | -------: | ----------: | ---------------------: |
| **Authenticate different end users:**<br>`/api/v1/authn`<br>Eligible for dynamic scale and workforce multiplier | 100 | 600 | 600 | 600 | 500 |
| **Authenticate different end users:**<br>`/api/v1/authn` and `/api/v1/authn*`<br>Eligible for dynamic scale and workforce multiplier | 100 | 600 | 600 | 600 | 500 |
| **Verify a factor:**<br>`/api/v1/authn/factors/{factorIdOrFactorType}/verify` only<br>Eligible for dynamic scale and workforce multiplier | 100 | 600 | 600 | 600 | 500 |
| **Get session information:**<br>`/api/v1/sessions`<br>Eligible for dynamic scale and workforce multiplier | 100 | 600 | 600 | 600 | 750 |
| **OAuth2 requests for Custom Authorization Servers:**<br>`/oauth2/{authorizationServerId}/v1` except `/oauth2/{authorizationServerId}/v1/authorize`, `/oauth2/{authorizationServerId}/v1/token`, and public metadata endpoints (see [Endpoints without rate limiting](#endpoints-without-rate-limiting))<br>Eligible for dynamic scale and workforce multiplier | 300 | 1,200 | 1,200 | 1,200 | 2,000 |
| **OAuth2 requests for Custom Authorization Servers:**<br>`/oauth2/{authorizationServerId}/v1*` except `/oauth2/{authorizationServerId}/v1/authorize`, `/oauth2/{authorizationServerId}/v1/token`, and public metadata endpoints (see [Endpoints without rate limiting](#endpoints-without-rate-limiting))<br>Eligible for dynamic scale and workforce multiplier | 300 | 1,200 | 1,200 | 1,200 | 2,000 |
| `/oauth2/{authorizationServerId}/v1/authorize`<br>Eligible for dynamic scale and workforce multiplier | 300 | 1200 | 1200 | 1200 | 2000
| `/oauth2/{authorizationServerId}/v1/token`<br>Eligible for dynamic scale and workforce multiplier | 300 | 1200 | 1200 | 1200 | 2000
| **OAuth2 requests for the Org Authorization Server:**<br>`/oauth2/v1` except `/oauth2/v1/clients`, `/oauth2/v1/authorize`, `/oauth2/v1/token`, and public metadata endpoints (see [Endpoints without rate limiting](#endpoints-without-rate-limiting))<br>Eligible for dynamic scale and workforce multiplier | 300 | 1,200 | 1,200 | 1,200 | 2,000 |
| **OAuth2 requests for the Org Authorization Server:**<br>`/oauth2/v1*` except `/oauth2/v1/clients`, `/oauth2/v1/authorize`, `/oauth2/v1/token`, and public metadata endpoints (see [Endpoints without rate limiting](#endpoints-without-rate-limiting))<br>Eligible for dynamic scale and workforce multiplier | 300 | 1,200 | 1,200 | 1,200 | 2,000 |
| `/oauth2/v1/authorize`<br>Eligible for dynamic scale and workforce multiplier | 300 | 1200 | 1200 | 1200 | 2000
| `/oauth2/v1/token`<br>Eligible for dynamic scale and workforce multiplier | 300 | 1200 | 1200 | 1200 | 2000
| **All other OAuth2 requests:**<br>`/oauth2` | 100 | 600 | 600 | 600 | 600 |
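
Review bot: The asterisk convention is applied inconsistently across the changed rows: the authn row lists both forms ("`/api/v1/authn` and `/api/v1/authn*`"), while the two OAuth2 rows carry only the asterisk form (`/oauth2/{authorizationServerId}/v1*`, `/oauth2/v1*`), so a reader can't tell whether an asterisk path also covers the exact base path. Pick one form and use it in all three rows. The authn row also has no "except" list, although `/api/v1/authn/factors/{factorIdOrFactorType}/verify` sits in its own row directly below and would match `/api/v1/authn*` if read as a plain prefix; an "except" clause like the one on the OAuth2 rows would make the bucket boundaries explicit for anyone sizing client-side throttling or lockout logic against these numbers. The catch-all row `/oauth2` ("All other OAuth2 requests") is left without an asterisk even though it is described as a wildcard bucket. In the new note, "base schema" reads like it should be "base path". While touching this table, consider closing the `/authorize` and `/token` rows with a trailing `|` and writing `1,200` / `2,000` as in the neighboring rows.
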
Expand Up @@ -15,6 +15,7 @@ This page provides the API rate limits for management activities, which is part
> * [DynamicScale rate limits](/docs/reference/rl-dynamic-scale/) apply to various endpoints across different APIs for customers who purchased this add-on. (The DynamicScale add-on service is only available to Customer Identity Solutions (CIS) customers.)
> * In addition to the rate limit per API, Okta implements limits on concurrent requests, Okta-generated email messages, end user requests, and home page endpoints. These limits are described on the [Additional limits](/docs/reference/rl-additional-limits/) page.
> * You can expand Okta rate limits upon request. To learn how, see [Request exceptions](/docs/reference/rl-best-practices/#request-rate-limit-exceptions) and [DynamicScale rate limits](/docs/reference/rl-dynamic-scale/).
> * API endpoints that end with an asterisk (for example, `/api/v1/apps*`) refer to calls that use that base schema and don't match a specific endpoint.
>

See the following list of per-minute limits. If an endpoint isn't in this list, you can review it using the Admin Console, in the rate limit dashboard's APIs table. See [APIs table](/docs/reference/rl-dashboard/#apis-table).
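
Review bot: The new bullet's definition ("refer to calls that use that base schema and don't match a specific endpoint") doesn't say what "a specific endpoint" is measured against. Suggest wording it in terms of the table, for example: "match any request whose path starts with that prefix, unless a more specific endpoint is listed in the table below". The example `/api/v1/apps*` is not visible in any row in this hunk, so please confirm the management table on this page actually uses that asterisk path; otherwise the note introduces a notation the page never shows.
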