Note: You can confirm your current rate limit status at any time. For more information, see "Checking your rate limit status."
GitHub Apps making server-to-server requests use the installation's minimum rate limit of 5,000 requests per hour. If an application is installed on an organization with more than 20 users, the application receives another 50 requests per hour for each user. Installations that have more than 20 repositories receive another 50 requests per hour for each repository. The maximum rate limit for an installation is 12,500 requests per hour.
GitHub Apps that are installed on an organization within an enterprise on GitHub.com are subject to a limit of 15,000 requests per hour per organization that has installed the app.
GitHub Apps and OAuth Apps can also act on behalf of a user, making user-to-server requests after the user authorizes the app. For more information, see "Authorizing GitHub Apps" and "Authorizing OAuth Apps."
User-to-server requests from OAuth Apps are authenticated with an OAuth token. User-to-server requests from GitHub Apps are authenticated with either an OAuth token or an expiring user access token. For more information, see "Identifying and authorizing users for GitHub Apps" and "Authorizing OAuth Apps."
The rate limits for user-to-server requests made by GitHub Apps depend on where the app is installed. If the app is installed on organizations or repositories owned by an enterprise on GitHub.com, then the rate is higher than for installations outside an enterprise.
User-to-server requests are limited to 5,000 requests per hour and per authenticated user. All requests from OAuth applications authorized by a user or a personal access token owned by the user, and requests authenticated with any of the user's authentication credentials, share the same quota of 5,000 requests per hour for that user.
User-to-server requests are subject to a higher limit of 15,000 requests per hour and per authenticated user in the following scenarios.
- The request is from a GitHub App that's owned by a GitHub Enterprise Cloud organization.
- The request is from an OAuth App that's owned or approved by a GitHub Enterprise Cloud organization.