Rate limits
Clerk rate limits certain endpoints to help protect users against brute-force attacks or to stop abuse of Clerk's platform. Rate limiting is based on IP addresses.
Errors
If you receive a 429 error code, that means your IP address has been rate limited. All subsequent requests to that specific endpoint coming from your IP address will be blocked for a given amount of time.
Requests that have been rate limited, will receive the Retry-After
response header, which contains the number of seconds after which the block expires.
Frontend API requests
Name | Type | Description |
---|---|---|
Create SignIn | /v1/sign_ins | 7 requests per 10 seconds |
Create SignUp | /v1/sign_ups | 7 requests per 10 seconds |
Attempt SignIn | /v1/sign_ins/attempt_(first|second)_factor | 3 requests per 10 seconds |
Attempt SignUp | /v1/sign_ups/attempt_verification | 3 requests per 10 seconds |
Backend API requests
Name | Type | Description |
---|---|---|
Create users | POST /v1/users | 20 requests per 10 seconds |
All other endpoints | 100 requests per 10 seconds |