Usage Limits & RBAC
Plan-based request and token limits, enforced before any provider call
Limits are enforced before any provider call
Every chat request is checked against your plan's request and token limits before it reaches any AI provider. If you're over the limit, TarqaAI returns HTTP 403 instead of forwarding the request — see the Plan Limits page for the exact numbers per plan.
Where limits come from
Personal workspace
Your personal chat, knowledge base, webhook, and API key limits are always based on your own subscription plan (free / starter / pro).
Team workspace
In a team workspace, limits are based on the team owner's subscription plan (team / enterprise) — not any individual member's personal plan.
No custom overrides
Limits are fixed per plan tier. There's no separate per-key or per-seat budget to configure — upgrading the plan raises the limit.
RBAC — 5 roles
| Role | Can call API | Manage keys | Manage team | Billing |
|---|---|---|---|---|
| Owner | ✓ | ✓ | ✓ | ✓ |
| Admin | ✓ | ✓ | ✓ | — |
| Developer | ✓ | ✓ | — | — |
| Member | ✓ | — | — | — |
| Viewer | — | — | — | — |
SAML 2.0 SSO
Connect Okta, Azure AD, Google Workspace, or any SAML 2.0 identity provider. Users sign in via your corporate identity — no separate password needed. Available on the Team and Enterprise plans.
