How to associate organisation with rate limiting


I struggle to find documentation on this. I know rate limiting is applied to each session, but we also want to apply it to each organisation.

For example, I have 3 partners, each partner can have X number of developers. I want the developers from partner A to have total 100 request/second limit, developers from partner B to have 50 request/second, etc.

How can I achieve this? Should I use a custom middleware/plugin?