Hi @timonbimon,
Welcome to the Auth0 Community!
You can use an M2M Action to enforce your own internal limits for M2M token authentication.
Additionally, you can cache the Management API tokens in the Action since these tokens do not expire immediately. This will help avoid going over the quota for your M2M token authentication.
For more details, see this post on caching Management API access tokens in a login action.
Thanks,
Rueben