> For the complete documentation index, see [llms.txt](https://developer.switchmarket.se/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://developer.switchmarket.se/switch-api/authentication/token-quotas.md). # Token Quotas {% hint style="success" %} The Maximum Access Token Lifetime or the time until an access token issued for the API will expire is 86400 seconds. {% endhint %} The [Client Credentials Flow](/switch-api/authentication/client-credentials-flow.md) enables the applications that use the Organization Client, such as CLIs, daemons, or backend services, to obtain access tokens on their own behalf without any user interaction. The Switch Authorization Server imposes rate limits on the token endpoint which when reached will reject the requests to fetch an access token for a given time period. ### Token Endpoint Rate Limits The following rate limits are applied to the token endpoint: | Environment | Per Hour | Per Day | | ----------- | -------- | ------- | | Test | 20 | 100 | | Production | 10 | 50 | ### Quota headers The Switch Authorization Server (Auth0) includes HTTP header in Client Credentials Flow responses (both successful and 429 error responses) to provide real-time information about quota consumption: * `Auth0-Client-Quota-Limit`: Provides quota information for the application The Switch Authorization Server only includes the headers corresponding to the quotas for the token request in the response. The following code sample is an example quota header: ```http Auth0-Client-Quota-Limit: b=per_hour;q=10;r=7;t=3540,b=per_day;q=50;r=47;t=43200 ``` The header values are comma-separated lists of quota buckets. Each bucket is represented as a semicolon-separated list of key-value pairs: * `b` (bucket\_name): The name of the quota bucket (per\_hour or per\_day). * `q` (quota): The configured quota limit for the bucket. * `r` (remaining): The number of remaining tokens in the bucket. * `t` (time): The number of seconds until the bucket resets. In the `Auth0-Client-Quota-Limit` example: * The application has an hourly quota (`b=per_hour`) of 10 tokens (`q=10`). It has 7 tokens remaining (`r=7`), and the quota resets in 3540 seconds (`t=3540`). * The application also has a daily quota (`b=per_day`) of 50 tokens (`q=50`). It has 47 tokens remaining (`r=47`), and the quota resets in 43200 seconds (`t=43200`). ### Error responses for exceeded quotas When an enforced quota is exceeded, the API returns an `HTTP 429 Too Many Requests` error. In the response body, an error code with a more detailed description is returned. The following code sample is an example error response for an exceeded quota: ```json {   "error": "too_many_requests",   "error_description": "Client quota exceeded" } ``` In addition to the response body, the following headers are returned: * `Auth0-Client-Quota-Limit`: The quota header corresponding to the consumed quota for the application. * `X-RateLimit-Limit`: The configured limit for the quota that has been consumed. * `X-RateLimit-Remaining`: Set to zero, indicating that the quota has been fully consumed. * `X-RateLimit-Reset`: A UNIX timestamp (in seconds) representing the time when the quota is expected to reset and further requests will be allowed. * `Retry-After`: The number of seconds until the quota resets and further requests will succeed. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://developer.switchmarket.se/switch-api/authentication/token-quotas.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.