OAuth Application Rate Limits

To protect users and Google systems from abuse, applications that use OAuth and Google Identity have certain quota restrictions based on the risk level of the OAuth scopes an app uses. These limits include the following:

  • A new user authorization rate limit that limits how quickly your application can get new users.
  • A total new user cap. To learn more, see the Unverified apps page.

When an application exceeds the rate limit, Error 403: rate_limit_exceeded is displayed to users, like in the screenshot below:

Error 403 Authorization Error window

Application developers

As a developer of an application, you can view the current user authorization grant rate (or token grant rate) in the Google API Console OAuth consent screen page before your application displays this error.

If you see that your application will reach the rate limit soon via the Google API Console or see this error being displayed, you should take action to improve your application’s user experience. You can request a rate limit quota increase for the application. Please expect a response in 5 business days.

OAuth rate limit quotas

 

Applicable apps

Quota

Appeal

New user authorization rate limit

Apps that request access to user data, including verified apps

Dependent on application history, developer reputation, and riskiness

Request a rate limit quota increase

To learn more about the total new user cap, see the Unverified apps page.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Main menu
10717578365509160336
true
Search Help Center
true
true
true
true
true
95384
false
false