Is there a rate limit for the Google OAuth 2.0 API?

I can say fairly certainty that there are NO LIMITS to any of Google's Authorization API's.

I know this because it does not state ANY LIMITS anywhere within there Authorization API's Terms of Service. In fact, the Terms of Service itself is very bare:

Google Account Authentication APIs Terms of Service

Last modified: April 20, 2012 By using this API, you consent to be bound by these terms in addition to the Google APIs Terms of Service ("API ToS") at https://developers.google.com/terms. Deprecation Policy

Google will announce if we intend to discontinue or make backwards incompatible changes to this API or Service. We will use commercially reasonable efforts to continue to operate the Google Account Authentication APIs (exclusive of OAuth 2.0) without these changes until April 20, 2015, unless (as Google determines in its reasonable good faith judgment):

required by law or third party relationship (including if there is a change in applicable law or relationship), or doing so could create a security risk or substantial economic or material technical burden. This Deprecation Policy doesn't apply to versions, features, and functionality labeled as "experimental."

After April 20, 2015, this Deprecation Policy will not apply.

If there were to be limits, Google generally would have to put them in there ToS, so I can safely say that there are no limits.


This is an old question, so things have likely changed since the original reply, but Google now has "quota restrictions based on risk level" (whatever that means):

To protect users and Google systems from abuse, applications that use OAuth and Google Identity have certain quota restrictions based on the risk level of the OAuth scopes an app uses. These limits include the following:

  • A new user authorization rate limit that limits how quickly your application can get new users.
  • A total new user cap. To learn more, see the Unverified apps page.

When an application exceeds the rate limit, Error 403: rate_limit_exceeded is displayed to users


I think there's a limit to the google oauth api endpoints. I was building an browser extension and left a recursive loop while testing. Made too many requests and got this-

{
 "error": {
  "errors": [
   {
    "domain": "usageLimits",
    "reason": "dailyLimitExceededUnreg",
    "message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.",
    "extendedHelp": "https://code.google.com/apis/console"
   }
  ],
  "code": 403,
  "message": "Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup."
 }
}

But this limit seems to be on the end user level. When I query for the information of a different user, i receive the response just fine.

Tags:

Api

Oauth 2.0