Skip to content

How do the limits work — and what happens when they're reached?

Requires Basic

Notory has two hard limits: the asset limit per tenant (from the tenant’s plan, capped by the product license) and the tenant limit per installation (from the product license). When a limit is reached, only creating new objects is rejected with 403 and an upgrade hint — existing data stays untouched, nothing is deleted or locked. The UI warns beforehand: utilization and …_limit_reached flags appear in the License section and in the entitlements.

Effective asset limit of a tenant = the minimum of the tenant’s plan limit and the product license’s max_assets (−1 = unlimited):

Plan (tenant)Asset limit
Community30
Basic250
Professional2,500
Elite5,000
EnterpriseUnlimited

Example: a tenant on the Professional plan (2,500) under a license with max_assets: 1000 may effectively hold 1,000 assets. The tenant limit comes solely from the product license (max_tenants; Community: 1, Enterprise: unlimited).

  1. View utilization. Administration → License shows “Assets used” (e.g., “1,873 / 5,000”) and Max Assets; with multi-tenant, also the tenant count.

  2. Take upgrade hints seriously. Close to the limit, the UI displays hints; locked actions show the message “Not included in your plan - upgrade to unlock”.

  3. Clean up or upgrade. When you hit the limit: permanently delete old assets (empty the recycle bin!) or extend your license.

  • Checked before every creation. On POST /api/v1/assets, Notory counts the tenant’s assets live and compares them to the effective limit; on POST /api/v1/tenants, it does the same for the installation’s tenants. When the limit is reached, you get 403 with a plain-text reason — the action doesn’t happen.
  • Only new creations are affected. Reading, editing, assigning, exporting, and deleting all work without restriction at the limit. There’s no throttling and no data loss; even when falling back to Community (expired license), all data is retained — only new records above the limit and premium modules are locked.
  • The recycle bin counts too. Soft-deleted assets remain in the asset table — so they occupy limit slots until the recycle bin is emptied or the retention period removes them permanently. Near the limit, emptying it is worthwhile.
  • Tell the three families of 403 apart. (1) Limit reached (“Asset/Tenant limit reached …”), (2) module not in plan (“The … module is not included …”), (3) missing permission (role/scope). The detail text distinguishes them unambiguously — important for automation.
  • Display is cached, enforcement is live. The entitlements response is cached briefly (purely a display optimization); the limits themselves are checked live on every write. So a briefly stale display can never let a creation “sneak through”.