Limit to the Number of SAML Connections Created within a Tenant
An application has been configured in a tenant. It is required to provide Single Sign-On (SSO) via a SAML connection to more than 100 'downstream' customers so that each can access this specific application.
This tenant is linked to an Enterprise subscription plan. This article will explain the following:
- If there is a limit to the number of SAML connections that can be created within this tenant
- If it is possible to create 1000 SAML connections, and if these 1000 connections be linked with a single Application
- SAML Connections
- Single Sign-On (SSO)
- Connection Limits
Subscription entitlement
In general terms, the maximum number of Enterprise connections (including SAML) available within a tenant will depend on:
- the type of use case ( B2B or B2C )
- the details of a customer's subscription plan
For example, at the time of this writing ( February 2024 ), the number of Enterprise connections available for B2B-focused subscription plans is:
- Free: 1
- Essential: 3
- Professional: 5
- Enterprise: customized offering
NOTE: The permitted enterprise connections can be of any type. For example, 'Essential' could have identical types of connections (for example, 3 x SAML ), or they could be mixed in any combination (for example, SAML, Google Workspace, Ping Federate ).
For the most up-to-date information, refer to the pricing policy page: Flexible pricing for companies and developers.
Entity Limits
In addition to potential limits on the number of permitted Enterprise connections, Auth0 enforces a range of entity limits on a range of product features. These include:
- a maximum of 50 tenants per customer
- constraints on the size and scope of Organizations
- limits on Authorization Core Role-Based Access Control (RBAC)
For a complete description, refer to Entity Limits Policy.
Enterprise connection limits
As described in Enterprise Subscription Limits, enterprise customers may have an unlimited number of connections of all types (including SAML).
Regarding the original question, it is certainly possible to create 1000 SAML connections and link them with a single Application. However, anything over 100 connections per client application can be confusing and difficult to manage. For example, consider the case where a single client application has 200 connections enabled. If a Management API request is made to get a list of all the connection_ids for that client, only the first 100 will be returned in that list due to the way the endpoint is paginated.
In summary, even when Auth0 does not enforce a hard limit on the number of applications or connections, there are practical limits on performance and manageability. This fact must be considered when configuring many connections or applications within a tenant.
