Workday Security · Rate Limits
Workday Security Rate Limits
Workday does not publish a unified, public rate-limit policy for the Authentication, Identity, Security Groups, Audit, Privacy, or User Activity APIs. Documentation lives on community.workday.com behind customer authentication. Throttling is tenant-scoped.
1 Limits
Rate LimitingSecurityAuthenticationWorkday
Limits
Tenant-scoped throttling (see gated Workday Community documentation) tenant
see https://community.workday.com/api
Workday enforces tenant-level throttling and OAuth token-issuance rate limits; specific values are published only inside the authenticated Workday Community reference.
Policies
Documentation gating
Workday API rate-limit policy is published only on community.workday.com, which requires a customer login. No public per-second or per-minute numbers are available.
Backoff
Standard guidance is exponential backoff with jitter on HTTP 503 and on documented Workday throttling SOAP faults.
Token issuance
OAuth token issuance and SAML assertion exchange have separate, tenant-bound rate limits documented inside the gated Authentication API reference.