![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 37%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,636 questions
The rate limiting is tracked per provisioning job. One configured instance of provisioning on an AAD Enterprise App/custom non-gallery app equals one provisioning job. If you have ten customers each with one provisioning job configured, then that would be 10 provisioning jobs. Rate limiting only exists at this time for apps in the gallery that have been developed and onboarded by Microsoft. Custom non-gallery apps do not have any rate limiting available. Each provisioning job operates independently with no vision to others - the interval between cycles will be every 40 minutes, although for extremely large sets of users/groups it is possible for the cycle to take much longer. Assuming that the number of changes take less than 40 minutes to process, however, the expectation will be that each configured and enabled provisioning job runs every 40 minutes. To add all of that up - 25 requests per second per configured provisioning job, which usually is a 1:1 link to a customer. If you have 100 customers and a gallery app set to 25/second as the upper limit for # of requests, you can expect up to 2500 requests per second as the peak, although in reality that may not ever happen.