Howdy Auth0 community/support.
TLDR: Has anyone else encountered Auth0 quotas on client-grants being hit, by clients being deleted but the attached grants not being removed from the quota?
I think whats happening is:
- Create a client (via management API)
- Create a client grant (via management API)
- Delete the client (via management API)
- The grant gets deleted automatically by Auth0 (as expected)
- BUT: the client-grant quota doesn’t get decremented… leaving the quota to become exceeded.
Some details:
I hit a limit of client grants in a tenant. There’s no dashboard/quota view that shows client grants, and retrieving the list of client grants from the API shows only 2 grants in the tenant.
POST https://{{INTEGRATION_TEST_AUTH0_DOMAIN}}/api/v2/client-grants
{
"statusCode": 403,
"error": "Forbidden",
"message": "You reached the limit of entities of this type for this tenant.",
"errorCode": "too_many_entities"
}
Of course its logical to then query the client-grants and see how many I have:
https://{{INTEGRATION_TEST_AUTH0_DOMAIN}}/api/v2/client-grants
[
{
"id": "cgr_fK2kxaqxyZ972NIg",
"client_id": "REDACTED1",
"audience": "https://integration-testing",
"scope": [],
"subject_type": "client"
},
{
"id": "cgr_nLW6rlvGCgV9k5jO",
"client_id": "REDACTED2",
"audience": "https://REDACTED_AUTH0_DOMAIN.au.auth0.com/api/v2/",
"scope": [
... cut for brevity
],
"subject_type": "client"
}
]
Hmm. Only two grants. Right!?
Well I got an answer from Auth0 suport about a month ago (case 02813026 if anyone from support is looking). The support agent sent me a summary at the end which is a good outline of what occured over ~2-3 weeks of investigating.
I collaborated with our Engineering team to identify a synchronization bug where deleting parent clients failed to update your entity counters.
I confirmed that we manually reset the client-grant entity counter for your tenant to resolve the “limit reached” error and unblock your testing.
I advocated internally to get a response from the engineering team as soon as possible; however, because this required a manual database correction,
This specific tenant of mine is used for integration testing. I run a series of test cases involving creating clients, testing various grants and then deleting the client. I falsely assume that deleting a client, clearly deletes the grant, should also decrement against the quota.
Assuming my debugging (and support indication) is correct - is anyone else encountering this quota issue? Do you just email support every week or two to ask for a quota reset (lol, of course not).
I’m willing to experiment with “delete grants manually before deleting clients” but it seems somewhat ridiculous to need to do so. I’m also mindful I could pay for more quota - but that just delays the buggy inevitable 
.