Clerk rate limits certain endpoints to help protect users against brute-force attacks or to stop abuse of Clerk's platform. Rate limiting is based on IP addresses.
If you receive a 429 error code, that means your IP address has been rate limited. All subsequent requests to that specific endpoint coming from your IP address will be blocked for a given amount of time.
Requests that have been rate limited, will receive the
Retry-After response header, which contains the number of seconds after which the block expires.
Frontend API Requests
|Create SignIn||7 requests per 10 seconds|
|Create SignUp||7 requests per 10 seconds|
|Attempt SignIn||3 requests per 10 seconds|
|Attempt SignUp||3 requests per 10 seconds|
Backend API Requests
|Create users||20 requests per 10 seconds|
|All other endpoints||100 requests per 10 seconds|
Last updated on September 18, 2023