Graph Api rate limits

Question

Graph Api rate limits

Sushil Dangi 0

Hi,

Could you please help with below queries with all the details as I am not finding proper documentation. We are using graph apis with application credentials.

what are the Graph API rate limits. At tenant level? or is it at user level. Pls let me know all the details as I am not sure what and all this query should include here.

-does this limit includes access token api call? or these are seperate limits , If so pls provide details on this.

does webhooks also considered as graph api calls and included in rate limits?

If you can provide these details in particular numbers, would be great. How to handle if there are too many requests? is there a provision to increase the limit? Thanks,

1 answer

Your answer

Answer 1

Teddie-D 6,630 Microsoft External Staff Moderator

Hi @Sushil Dangi

Thank you for posting your question in the Microsoft Q&A forum.

A clear understanding of throttling behavior in the Microsoft Graph API is essential when working with application credentials. While some aspects are well documented, others require careful attention and strategic handling.

1.Rate limits are enforced at multiple scopes:

Per app and per tenant: Most limits apply to the combination of your application and the tenant it operates in.
Per user: Some endpoints, particularly those that access user-specific resources such as /me, are subject to user-level throttling.

-The limits are not global across all tenants; they are scoped to your app’s usage within a tenant.
-For more details, please refer to Microsoft Graph service-specific throttling limits - Microsoft Graph | Microsoft Learn.

2.Token acquisition via OAuth 2.0 endpoints like https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token is not counted toward Graph API request limits.
-These token requests are handled by Azure AD, which has its own throttling policies, separate from Graph API.
-Reference: Authentication and authorization basics - Microsoft Graph | Microsoft Learn.

3.In the Graph documentation, there is a section for Subscription service limits (e.g., creating Graph subscriptions/webhooks). For example:

POST/PUT/DELETE/PATCH on subscription resource: 500 requests per 20 seconds per app per tenant.

So, subscription operations (webhook subscription create/update/delete/list) are counted and have their own throttling buckets.
-However, webhook notifications sent to your service are not Graph API calls and are not throttled. Only the management operations (POST/PUT/DELETE/PATCH) are counted.
-Reference: Receive change notifications through webhooks - Microsoft Graph | Microsoft Learn.

4.Microsoft Graph returns an HTTP 429 Too Many Requests response when throttling occurs, along with a Retry-After header. To recover quickly:
-Respect the Retry-After delay.
-Avoid immediate retries, as they count against your usage limits.
-Reduce the frequency and complexity of requests.
-Retry only after the specified delay. If throttling persists, continue backing off until the request succeeds.
-You can read more at Microsoft Graph throttling guidance - Microsoft Graph | Microsoft Learn.

5.Graph throttling limits cannot be increased. For scenarios requiring large-scale data extraction, Microsoft recommends using Microsoft Graph Data Connect which enables bulk access to Microsoft 365 data without being subject to Graph API throttling.

I hope this information is helpful.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Sushil Dangi 0 Reputation points

2025-10-20T10:03:54.3966667+00:00

Thanks @Teddie-D , However I did not find access token ratelimits info here. -Reference: Authentication and authorization basics - Microsoft Graph | Microsoft Learn.

could you please provide exact link where ratelimts related info is updated.

Also these limits are absed on plan we purchase? limits can be increased if we go for other plans. If so, what are the plans and their limits please.
Teddie-D 6,630 Reputation points Microsoft External Staff Moderator

2025-10-20T10:34:35.92+00:00

Hi @Sushil Dangi
-Microsoft does not publish separate throttling limits for access token requests. Since token acquisition is managed by Azure Active Directory rather than Microsoft Graph, it is recommended to reuse tokens until they expire and avoid unnecessary refreshes to reduce the risk of throttling.

-Throttling limits for Microsoft Graph API are not influenced by Microsoft 365 subscription plans. These limits are applied globally and per service to ensure platform stability. They are enforced at various scopes, including per application, tenant, and sometimes per user, regardless of whether you are using E3, E5, or another plan.

-Upgrading to a higher Microsoft 365 plan does not affect Graph API throttling limits. For large-scale data extraction, the recommended approach is to use Microsoft Graph Data Connect, which is specifically designed for bulk operations and is not subject to the same throttling constraints as the standard Graph API.
Sayali-MSFT 4,066 Reputation points Microsoft External Staff Moderator

2025-10-21T06:02:42.5533333+00:00

Hi @Sushil Dangi , Could you please confirm if your issue has resolved with provided suggestions or still looking for any help?
Sushil Dangi 0 Reputation points

2025-10-22T13:57:57.84+00:00
Hi @Sayali-MSFT ,

I am looking for more details. Could you pls help with the same as the documentation is huge and difficult to understand. we are using below graph apis with application credentials. could you pls let me know the ratelimits considering these apis instead of link which ahs so many things and difficult to relate for my senario.

Access Token : https://login.microsoftonline.com/%s/oauth2/v2.0/token

https://graph.microsoft.com/v1.0/subscriptions (for callrecord and user events urls)

futuremeetings api : https://graph.microsoft.com/v1.0/users/" + loggedInUser + "/events""?$select=subject,start,end,organizer,attendees,location,recurrence,onlineMeeting"+ "&$filter=start/dateTime ge '" + startUtc + "'"+

fetch userId using email: https://graph.microsoft.com/v1.0/users/" + email

meeting details from joinurl : https://graph.microsoft.com/v1.0/users/" + userId + "/onlineMeetings?$filter=joinWebUrl eq '" + joinWebUrl + "'"

get occurrences: https://graph.microsoft.com/v1.0/users/" + organizerEmail + events/" + eventId + "/instances"+ "?startDateTime=" + startUtc +

"&endDateTime=" + endUtc+"&$top=100000";

getEventDetails : https://graph.microsoft.com/v1.0 /users/" + userId + "/events/" + eventId+"?$select=id,subject,start,end,recurrence,seriesMasterId,onlineMeeting,onlineMeetingUrl,isOnlineMeeting,organizer"

getCallrecordsById : https://graph.microsoft.com/v1.0 /communications/callRecords/" + callRecId + "?$expand=participants_v2"

getTranscriptContentUrl : https://graph.microsoft.com/v1.0/users/" + teamsUserId + "/onlineMeetings/" + meetingId + "/transcripts

fetchTranscriptContent : using above transcriptcontetn url.

Thanks in advance.
Teddie-D 6,630 Reputation points Microsoft External Staff Moderator

2025-10-23T10:18:19.32+00:00

Hi @Sushil Dangi
-Microsoft does not publish specific throttling limits for access token requests. Since token acquisition is handled by Azure Active Directory rather than Microsoft Graph, it is recommended to reuse tokens until they expire and avoid unnecessary refreshes to reduce the risk of throttling.

-For the subscription resource at https://graph.microsoft.com/v1.0/subscriptions, write operations such as POST, PUT, PATCH, and DELETE are limited to 500 requests per 20 seconds per app per tenant. Notifications sent to your webhook are not counted toward this limit.

-Outlook calendar APIs, including GET requests to /users/{id}/events, /users/{id}/events/{eventId}, and /users/{id}/events/{eventId}/instances, are typically limited to 4 requests per second per app per mailbox, with a burst capacity of up to 10,000 requests in a 10-minute period.

-Teams meeting APIs, such as /users/{id}/onlineMeetings, are limited to 4 requests per second per app per tenant.

-The Call Records API follows the same Teams workload throttling limit of 4 RPS per app per tenant but may also experience additional resource-based throttling for large-scale requests.

-The endpoint /users/{id}/onlineMeetings/{meetingId}/transcripts also falls under Teams meeting APIs and is subject to the same limit of 4 requests per second per app per tenant.
Sushil Dangi 0 Reputation points

2025-10-23T12:49:49.0466667+00:00

thanks @Teddie-D
could you please let me know which sections i can map our apis from this link. if you can provide exact section name, would be helpful.

https://free.blessedness.top/en-us/graph/throttling-limits

Like each api belongs to which section from above link, exact header of section. So that we can verify these numbers from there also.

Thanks
Sushil Dangi 0 Reputation points

2025-10-23T12:51:12.1733333+00:00

thanks @Teddie-D could you please let me know which sections i can map our apis from this link. if you can provide exact section name, would be helpful.

https://free.blessedness.top/en-us/graph/throttling-limits

Like each api belongs to which section from above link, exact header of section. So that we can verify these numbers from there also.

Because 4 rps looks very less and need to confirm. FYI, we are calling these graph apis from a springboot application.

Additionally , I tried hitting /users/{id}/events/{eventId}, and /users/{id}/events/{eventId}/instances from postman with 6 iterations continously and got all 6 successful. so how it is 4 rps ? pls clarify

Thanks
Teddie-D 6,630 Reputation points Microsoft External Staff Moderator

2025-10-24T05:59:21.21+00:00

Hi @Sushil Dangi
-Access token: POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
Access token requests are not covered under the Microsoft Graph throttling documentation. These are governed by Azure Active Directory.

-Subscriptions: POST/PUT/PATCH/DELETE https://graph.microsoft.com/v1.0/subscriptions
Exact section header: Microsoft Graph service-specific throttling limits - Microsoft Graph | Microsoft Learn.

-Future meetings / Events (Outlook Calendar)

GET /users/{id}/events?... (future filter)

GET /users/{id}/events/{eventId}

GET /users/{id}/events/{eventId}/instances?startDateTime=...&endDateTime=…
Exact section header: Microsoft Graph service-specific throttling limits - Microsoft Graph | Microsoft Learn.

Note: The Outlook service enforces a limit of 10,000 requests within a 10-minute window for each app ID and mailbox combination. This translates to approximately 16 to 17 requests per second per mailbox. However, Microsoft recommends designing applications to operate at a more conservative rate of 4 to 10 requests per second to ensure stability and avoid throttling.

-Fetch userId by email: GET https://graph.microsoft.com/v1.0/users/{email-or-id}

Exact section header: Microsoft Graph service-specific throttling limits - Microsoft Graph | Microsoft Learn. This endpoint is covered under both the global throttling table and service-specific limits where applicable.

-Online Meeting details from joinWebUrl, Call Records by Id and Transcripts share the same Teams workload throttling.

GET /users/{id}/onlineMeetings?$filter=joinWebUrl eq '{joinWebUrl}'

GET /communications/callRecords/{callRecId}?$expand=participants_v2

GET /users/{id}/onlineMeetings/{meetingId}/transcripts

GET {transcriptContentUrl} (the download URL you retrieve)

Exact section header: Microsoft Graph service-specific throttling limits - Microsoft Graph | Microsoft Learn.

Note: Call Records may have additional resource-based throttling. You can refer to Microsoft Graph service-specific throttling limits - Microsoft Graph | Microsoft Learn.
Teddie-D 6,630 Reputation points Microsoft External Staff Moderator

2025-10-27T05:17:47.76+00:00

Hi @Sushil Dangi
Just checking in to see if the information above was useful to you. If you have any additional updates or need further assistance, don't hesitate to reach out. Warm thanks!

Share via

Graph Api rate limits

1 answer

Your answer