Correct way for giving rate limit exception to one particular user

Support
#1

I have a particular scenario, can someone help me find the correct way to deal with it?

Suppose there are 1000 users using the policy “A” which applies:

  • rate limit of 10 requests per second
  • quota 60 requests per minute

A certain special user(1 user out of the 1000 registered users) need to consume at a rate of 60 requests per second(with same quota of 60 rpm as before) otherwise he will not be able to consume his full quota during peak time.

I need to set separate rate limit to that certain user so that he can consume at a rate of 60 requests per second.

Two methods I see are:

  1. If policy “A” is partitioned for rate limit I need to set rate limit in every key as 10 request per second and set rate limit in that certain user as 60 request per second.

Issue here is that I have already applied the partitioned policy “A” in every key and I need to set rate of 10 rps in 999 keys also in order to set the rate of 60 rps for that 1 user.

  1. I can create a separate policy “B” for that single user.

Issue here is I need to create a duplicate policy for just one user with a single change in rate alone.

What will be the best method to approach this?

As we can see both ways I have in hand has got disadvantages. Is there any better approaches for this?

#2

Hi,

You don’t have to use a policy to issue a key, it can be issued directly against an API or group of APIs.

As you’ve noticed policies are like templates for creating keys. But for unique keys a template may not be the right thing.

Cheers,
Pete

#3

Hi @Pete,

The thing is we surely need to use policy for easy management of multiple keys together which are sharing common factors, say 1000 keys.

So there are two unique key sets one set containing 999 users with rate limit of 10 rps and second set of 1 user with rate of 60 rps. Rest of the fields in both sets are same.

Without using policy I will need to set rate and other fields in every key initially and also if rate limit needs to be raised from 10 to 15 rps later for first set of 999 users, it needs to be updated in all 999 users separately. It won’t be feasible at all.

My question is out of these 1000 using say policy “A” suppose a single user needs a distinct rate limit to be set, rest all remaining the same. What can be done for that?

Are the two methods I already mentioned here the only ways to do it?

Please suggest if there is something else better than those two, solving the issues with each of the two?

#4

Hi,

A certain special user(1 user out of the 1000 registered users) need to consume at a rate of 60 requests

I was answering this question. For a single user you can easily issue a single key without a policy

The thing is we surely need to use policy for easy management of multiple keys together which are sharing common factors, say 1000 keys.

I’m not suggesting you change the way you manage the 1000 users, just that you can issue a key to the unique user without using a policy. I do feel that were there is one there will be more and the overhead of setting up a new policy is very small but if you don’t want to do that, then issuing a single key seems like a good option.

However if you want to use policies your only options are the ones you have outlined.

Cheers,
Pete

#5

Hi,

By 1 user what I actually meant is only a much smaller fraction of total number of users.

I had been trying to find a way to group and relate that entire set of say 1000 users(999 normal users + 1 special user) with a single policy but still satisfying my requirements.

If that’s the case, it seems issuing a separate policy(method 2) for that 1 user(small set of users in actual) needs to be done.

Thank you for your response.