How to enable rate limiting in Tyk API at endpoint level (multiple rate limit values corresponding to each extended path)

Hi All
We have a use case in hand where we wish to enable rate limiting in Tyk APIs not at the API level (as stated in the following documentation: API Level Rate Limits), but at the endpoint level (sharing the relevant documentation for your reference: URL Rewriting).

Is there a way to achieve the aforementioned scenario using Tyk v4.3.4 Opensource? I mean, can we publish a Tyk API with the following extended path methods?

endpoint 1: (rate limit - 100/sec)
path : “/endpoint1”
verb : “GET”

endpoint 2: (rate limit - 20/sec)
path : “/endpoint1”
verb : “POST”

Regards

Hi @Bismeet_Singh,

Welcome to the community :partying_face: and thank you for your patience :muscle:

There’s currently no way to have different rate limits per endpoint in a single Tyk API.

However, you can achieve it using URL Rewriting and API Level Rate Limits, just as you’ve referenced. You would need a few API definitions though, and I’ll share sample files in this post.

You’d need a wrapper API, which will be the main/only one that users call. This wrapper API will use URL rewrite (with looping) to call internal APIs which have rate limits defined on the API level for them.
Essentially, you would have as many internal APIs as the number of unique rate-limited endpoints you require.

3 API definitions below: The Wrapper/Main API, Endpoint1 and Endpoint2 APIs.
Note: Observe the need to include query param, check_limits, in the URL rewrite so that Rate Limit is enforced.

#Wrapper/Main API

{
    "id": "64d0d1ef458fd70001d5b2df",
    "name": "main",
    "slug": "main",
    "api_id": "3b1ef7dd95a54b736d13d93d8f543d98",
    "org_id": "64ca4c545cf4060001966aef",
    "use_standard_auth": true,
    "base_identity_provided_by": "",
    "version_data": {
        "not_versioned": true,
        "default_version": "",
        "versions": {
            "Default": {
                "name": "Default",
                "expires": "",
                "use_extended_paths": true,
                "extended_paths": {
                    "url_rewrites": [
                        {
                            "path": "endpoint2",
                            "method": "POST",
                            "match_pattern": "endpoint2",
                            "rewrite_to": "tyk://e2233cf905684b517f6ce24a501f82c2/?check_limits=true",
                            "triggers": []
                        },
                        {
                            "path": "endpoint1",
                            "method": "GET",
                            "match_pattern": "endpoint1",
                            "rewrite_to": "tyk://23785433bdd848bb7204b2ab3be823b9/?check_limits=true",
                            "triggers": []
                        }
                    ]
                }
            }
        }
    },
    "proxy": {
        "preserve_host_header": false,
        "listen_path": "/main/",
        "target_url": "http://host.docker.internal:7070/",
        "disable_strip_slash": true,
        "strip_listen_path": true
    },
    "active": true,
    "internal": false
}


#Endpoint1 API

{
    "name": "dummy1",
    "slug": "dummy1",
    "api_id": "23785433bdd848bb7204b2ab3be823b9",
    "org_id": "64ca4c545cf4060001966aef",
    "use_keyless": true,
    "base_identity_provided_by": "",
    "version_data": {
        "not_versioned": true,
        "default_version": "",
        "versions": {
            "Default": {
                "name": "Default",
                "expires": ""
            }
        }
    },
    "proxy": {
        "listen_path": "/dummy1/",
        "target_url": "http://host.docker.internal:7070/anything/dummy1",
        "disable_strip_slash": true,
        "strip_listen_path": true
    },
    "active": true,
    "internal": true,
    "global_rate_limit": {
        "rate": 100,
        "per": 1
    }
}


#Endpoint 2 API

{
    "name": "dummy2",
    "slug": "dummy2",
    "api_id": "e2233cf905684b517f6ce24a501f82c2",
    "org_id": "64ca4c545cf4060001966aef",
    "use_keyless": true,
    "base_identity_provided_by": "",
    "version_data": {
        "not_versioned": true,
        "default_version": "",
        "versions": {
            "Default": {
                "name": "Default",
                "expires": ""
            }
        }
    },
    "proxy": {
        "listen_path": "/dummy2/",
        "target_url": "http://host.docker.internal:7070/anything/dummy2",
        "disable_strip_slash": true,
        "strip_listen_path": true
    },
    "active": true,
    "internal": true,
    "global_rate_limit": {
        "rate": 20,
        "per": 1
    }
}


Hope this helps!
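
A pre-deployment check for the wrapper-plus-internal-APIs layout described in the reply above, added here as an example; it is not part of the original post or of Tyk's own tooling. It assumes rewrites address internal APIs by API ID as in the post; `audit_wrapper` and the `endpoint3` rewrite are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

def audit_wrapper(wrapper, internal_apis):
    """Map each rewritten 'METHOD path' to its enforced limit; collect problems."""
    by_id = {api["api_id"]: api for api in internal_apis}
    limits, problems = {}, []
    for version in wrapper["version_data"]["versions"].values():
        for rw in version.get("extended_paths", {}).get("url_rewrites", []):
            route = f'{rw["method"]} {rw["path"]}'
            target = urlsplit(rw["rewrite_to"])
            api = by_id.get(target.netloc)  # tyk://<api_id>/...
            limit = (api or {}).get("global_rate_limit", {})
            if target.scheme != "tyk" or api is None:
                problems.append(f"{route}: does not loop to a known internal API")
            elif parse_qs(target.query).get("check_limits") != ["true"]:
                problems.append(f"{route}: check_limits=true missing, limit not enforced")
            elif not api.get("internal"):
                problems.append(f"{route}: target API is not marked internal")
            # Assumption: a missing or non-positive rate/per is treated as "no limit".
            elif limit.get("rate", 0) <= 0 or limit.get("per", 0) <= 0:
                problems.append(f"{route}: target API has no global_rate_limit")
            else:
                limits[route] = (limit["rate"], limit["per"])
    return limits, problems

# Constructed sample, trimmed to the fields the check reads; API IDs are those in the post.
def _rw(method, path, to):
    return {"method": method, "path": path, "rewrite_to": to}

WRAPPER = {"version_data": {"versions": {"Default": {"extended_paths": {"url_rewrites": [
    _rw("POST", "endpoint2", "tyk://e2233cf905684b517f6ce24a501f82c2/?check_limits=true"),
    _rw("GET", "endpoint1", "tyk://23785433bdd848bb7204b2ab3be823b9/?check_limits=true"),
    _rw("GET", "endpoint3", "tyk://e2233cf905684b517f6ce24a501f82c2/"),  # constructed mistake
]}}}}}
INTERNAL = [
    {"api_id": "23785433bdd848bb7204b2ab3be823b9", "internal": True,
     "global_rate_limit": {"rate": 100, "per": 1}},
    {"api_id": "e2233cf905684b517f6ce24a501f82c2", "internal": True,
     "global_rate_limit": {"rate": 20, "per": 1}},
]

if __name__ == "__main__":
    limits, problems = audit_wrapper(WRAPPER, INTERNAL)
    for route, (rate, per) in limits.items():
        print(f"{route}: {rate} requests per {per}s")
    for problem in problems:
        print("PROBLEM:", problem)
```

Run it against the exported API definitions before loading them into the gateway, so a rewrite that silently skips rate limiting is caught in review.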

Hi,

I’m delighted to be able to update this ticket with the news that we have added support for endpoint level rate limits in 5.5.0 (upstream controls) and 5.6.0 (client controls).

Thanks for supporting Tyk!