Limit Client requests on Machine to Machine flow

niall · April 4, 2023, 9:50am

Customer is looking to limit the number of token requests on a client by client basis. The intention is to ensure no single client can consume the rate limit for a particular api.

I can’t see any options to limit from the UI. I can see that M2M does trigger the Login flow, so I have options in Actions.
https://auth0.com/docs/customize/actions/flows-and-triggers/machine-to-machine-flow

This post talks to monitoring global endpoint usage.
https://community.auth0.com/t/how-to-tell-if-you-are-approaching-the-rate-limit/82103

What I don’t have is an approach to introducing a per client limit. Any thoughts here would be appreciated.

peter.fernandez · April 4, 2023, 3:49pm

Hi Niall,

So whilst there’s currently no specific product configurable limitations that can be applied to Auth0 M2M token allocations, we do have some guidance which we’ve developed for our customers that can help in a number of different scenarios (see attached). Hope this helps
Optimizing External M2M Token Reuse.pdf (301.0 KB)

niall · April 4, 2023, 3:50pm

Hi Peter. Thanks for the response. I’ll review the document and report back once I’ve had a chance to digest it.

system · April 18, 2023, 3:51pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Machine to Machine Authentication Rate Limiting Get Help rate-limit	14	14137	May 29, 2020
Auth0 Free Plan Limit Get Help auth0 , api , management-api	1	4855	May 4, 2020
Auth0 Rate Limit /oauth/token endpoint - Custom actions or Hooks Get Help management-api , clients	10	1743	June 21, 2023
How to know how many and which m2m users have been requested? Get Help jwt , auth0 , api , m2m	10	5035	December 29, 2020
Machine to machine API token call limits Get Help	3	3022	December 24, 2020

Limit Client requests on Machine to Machine flow

Related topics