LastPass · Rate Limits

Lastpass Rate Limits

LastPass throttles abusive Enterprise API traffic and protects authentication endpoints with adaptive rate limiting (failed-login backoff, captcha, account lockout). Per-second numeric ceilings for the Enterprise API are not exhaustively published; LastPass guidance is to batch user-management commands (batchadd, batchchange) instead of single-user calls and to use the SCIM endpoint for ongoing directory sync. Reconciliation against a published numeric ceiling pending - confirm with LastPass support for high-volume integrations.

Lastpass Rate Limits is the machine-readable rate-limit profile for LastPass on the APIs.io network, conforming to the API Commons Rate Limits specification.

It captures 3 rate-limit definitions, measuring requests and failed_logins.

The profile also includes 4 backoff/retry policies defined and response codes documented for throttled and unauthorized.

Tagged areas include Security, Password Manager, Vault, Identity, and Enterprise.

3 Limits Throttle: 429
SecurityPassword ManagerVaultIdentityEnterpriseRate LimitingThrottling

Limits

Enterprise API Throttle customer
requests · minute
dynamic
Dynamic throttle applied per enterprise customer (cid). Numeric ceiling not published; sustained excessive request volume can trigger temporary block.
Authentication Endpoint Throttle account
failed_logins
adaptive
Failed authentication is met with progressive backoff, captcha, and eventual lockout. Applies to user logins, not the Enterprise API itself.
SCIM Provisioning tenant
requests · minute
dynamic
The SCIM endpoint applies its own dynamic throttle suited to directory-sync patterns from Okta, Entra ID, and Google Workspace.

Policies

429 Throttling
The Enterprise API returns 429 / generic error on excessive throughput. Clients should back off before retrying.
Batch Operations
Use batchadd, batchchange, and other batch commands rather than per-user calls to reduce request volume.
Prefer SCIM For Directory Sync
Use the SCIM 2.0 endpoint for ongoing directory provisioning; it is built for sustained sync patterns and integrates natively with major identity providers.
Backoff Strategy
Implement exponential backoff with jitter on 429/5xx responses; cache reporting results where the underlying data is not changing rapidly.

Sources