
What Are OpenAI Codex Pro Plan Limits and Abuse Policies?

Problem

I signed up for OpenAI Codex Pro at $20/month because the marketing said “no limits.” Then I started getting rate limit errors after a few hours of automation work.

When I checked my dashboard, I saw:

Error: Rate limit exceeded
Your account has been flagged for unusual activity.
Please wait before making additional requests.

This confused me. I thought Pro meant unlimited. It turns out “no limits” has a very specific meaning—and it doesn’t cover what most developers assume.

What “No Limits” Actually Means

OpenAI’s marketing talks about “unlimited access” to models. But this refers to model access tiers, not usage volume.

Here’s what I found when I dug into the actual limits:

Codex Pro ($20/month) Reality:
- Model access: Unlimited (use any model)
- Rate limits: Yes, they exist
- Usage thresholds: Yes, they trigger abuse detection
- Automation detection: Yes, it's watching you

The key distinction: access vs. volume. Pro gives you unlimited access to models, but volume still has soft and hard limits.

How Abuse Detection Works

I tested the boundaries by running different automation patterns. Here’s what I learned about how OpenAI’s abuse detection triggers:

Abuse Detection Triggers:
1. Request velocity: Too many requests per minute/hour
2. Pattern consistency: Identical request patterns over time
3. Non-business hours activity: Heavy usage at 3 AM
4. API vs. web ratio: High API usage relative to web usage
5. Session length: Continuous usage without breaks

When I ran a web scraping automation for 4 hours straight, I got flagged. When I ran the same workload spread across a day with random intervals, no issues.

The detection seems to look for “bot-like” behavior, not just volume.

The Unspoken Limits

Based on my testing and community reports, here are the approximate thresholds:

Codex Pro Soft Limits (estimates):
- Requests per hour: ~200-500
- Requests per day: ~2,000-5,000
- Concurrent sessions: ~3-5
- Context window resets: ~50-100 per hour

Hard Limits (will block you):
- Sustained high velocity for hours
- Identical request patterns
- Multiple concurrent automation scripts
- Exceeding daily thresholds repeatedly

These aren’t published anywhere. I had to learn them through trial and error—and error messages.

Why This Matters for Automation

I use Codex for automating content creation workflows. Here’s what happened when I tried to process 100 URLs in a single batch:

My naive approach:
- Start at 9:00 AM
- Process URL 1-50: Success
- Process URL 51: Rate limit error
- Process URL 52-100: All blocked
- Account flagged for 2 hours

The automation workflow I wanted:

naive-automation.py
# This triggers abuse detection
async def process_urls(urls: list[str]):
    for url in urls:
        result = await codex.analyze(url)  # Continuous requests
        await save_result(result)
        # No delay, no randomization

The workflow that actually works:

safe-automation.py
import random
import asyncio

async def process_urls_safely(urls: list[str]):
    for i, url in enumerate(urls):
        # Respect rate limits
        if i > 0 and i % 10 == 0:
            await asyncio.sleep(random.randint(30, 120))
        result = await codex.analyze(url)
        await save_result(result)
        # Add human-like delays
        await asyncio.sleep(random.randint(2, 8))

The difference: the second approach mimics human usage patterns.

When to Consider Distributed Accounts

For legitimate high-volume automation, I considered two approaches:

Approach 1: Single Pro Account

Pros:
- $20/month cost
- Simple setup
- All history in one place

Cons:
- Soft limits on everything
- Abuse detection triggers
- Blocked during critical workflows

Approach 2: Multiple Pro Accounts

Pros:
- Distribute load across accounts
- Avoid single point of failure
- Stay under detection thresholds

Cons:
- $40-60/month cost
- More complex management
- Potential ToS concerns

The key question: Is splitting accounts allowed? I couldn’t find clear guidance in OpenAI’s terms. Some developers do it. Some got banned.

I decided to stay with a single account and optimize my usage patterns instead.

How to Stay Under the Radar

After getting flagged multiple times, I developed these practices:

  1. Mimic human patterns

    • Add random delays between requests
    • Take breaks (don’t run 24/7)
    • Vary your request patterns
  2. Monitor your velocity

    • Track requests per hour
    • Stay under 200/hour for sustained use
    • Use a queue with rate limiting
  3. Spread work across time

    • Don’t batch everything into one session
    • Use scheduled jobs at different times
    • Process high-volume tasks overnight with delays
  4. Respect the soft limits

    • When you hit a rate limit, back off
    • Don’t retry immediately
    • Implement exponential backoff

rate-limited-client.py
import asyncio
import random
from datetime import datetime

class RateLimitedCodexClient:
    def __init__(self, codex, max_per_hour: int = 150):
        # Underlying client object exposing generate(); the original snippet never set it
        self.codex = codex
        self.max_per_hour = max_per_hour
        self.requests = []
        self.min_delay = 2
        self.max_delay = 10

    async def request(self, prompt: str):
        # Clean old requests (total_seconds() so entries older than a day are not kept)
        now = datetime.now()
        self.requests = [t for t in self.requests
                         if (now - t).total_seconds() < 3600]
        # Check limit
        if len(self.requests) >= self.max_per_hour:
            wait_time = 3600 - (now - self.requests[0]).total_seconds()
            await asyncio.sleep(wait_time)
        # Add human-like delay
        delay = random.randint(self.min_delay, self.max_delay)
        await asyncio.sleep(delay)
        # Make request, recording the time it is actually sent
        self.requests.append(datetime.now())
        return await self.codex.generate(prompt)
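
The back-off advice in item 4 ("don't retry immediately", "implement exponential backoff"), as an added example that is not the author's code. `RateLimitError` and its `retry_after` field are hypothetical stand-ins for however the client surfaces a "Rate limit exceeded" response; a wait hint from the server is an assumption, since the error shown earlier gives no duration.

```python
import asyncio
import random

class RateLimitError(Exception):
    """Hypothetical exception standing in for a 'Rate limit exceeded' response."""
    def __init__(self, retry_after=None):
        super().__init__("Rate limit exceeded")
        self.retry_after = retry_after  # seconds the server asked us to wait, if any

def backoff_delay(attempt, base=2.0, cap=300.0, retry_after=None, rng=random.random):
    """Seconds to wait before retry number `attempt` (0-based)."""
    if retry_after is not None:
        return float(retry_after)  # the server's own instruction wins
    ceiling = min(cap, base * (2 ** attempt))  # exponential growth, capped
    return rng() * ceiling  # full jitter: uniform in [0, ceiling)

async def call_with_backoff(fn, max_retries=5, sleep=asyncio.sleep, **kw):
    """Await fn(); on RateLimitError wait and retry, giving up after max_retries.

    Returns (result, list_of_waits_applied).
    """
    waits = []
    for attempt in range(max_retries + 1):
        try:
            return await fn(), waits
        except RateLimitError as err:
            if attempt == max_retries:
                raise  # stop instead of hammering a service that keeps refusing
            delay = backoff_delay(attempt, retry_after=err.retry_after, **kw)
            waits.append(delay)
            await sleep(delay)

def demo():
    """Constructed scenario: two rate-limit errors, then success."""
    outcomes = [RateLimitError(), RateLimitError(retry_after=60), "ok"]
    async def flaky():
        item = outcomes.pop(0)
        if isinstance(item, Exception):
            raise item
        return item
    async def no_sleep(_):  # skip real waiting in the demo
        return None
    return asyncio.run(call_with_backoff(flaky, sleep=no_sleep, rng=lambda: 1.0))

if __name__ == "__main__":
    print(demo())
```
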

The Enterprise Alternative

For teams with legitimate high-volume needs, OpenAI offers enterprise tiers:

Enterprise Options:
- Dedicated capacity
- Higher rate limits
- Custom agreements
- SLA guarantees
- Volume discounts

Cost: Contact sales (expensive)

For individual developers, the Pro plan is usually sufficient—if you respect the unwritten limits.

Summary

In this post, I explained the reality behind Codex Pro’s “no limits” claim. The key points:

  • “No limits” means unlimited model access, not unlimited volume
  • Abuse detection triggers on velocity, patterns, and bot-like behavior
  • Soft limits exist around 150-200 requests/hour for sustained use
  • Single accounts work for most developers with proper rate limiting
  • Multiple accounts are a gray area—use at your own risk
  • Enterprise tiers exist for legitimate high-volume needs

The Pro plan is still excellent value at $20/month. Just don’t expect true unlimited automation. Design your workflows with realistic limits, add human-like delays, and you’ll rarely hit issues.

Final Words + More Resources

My intention with this article was to help others by sharing my knowledge and experience. If you want to contact me, you can contact me by email.
