Imported Google Group message. Original thread at: Redirecting to Google Groups Import Date: 2016-01-19 21:43:52 +0000. Sender:Malnad Sagar. Date:Monday, 18 January 2016 12:49:13 UTC.
I would like to have rate limit per user on per API Basis
Say User 1: 100 requests/minute for httpbin api
User 2 : 500 requests/minute for httpbin api
If I understand, Policy will create same rate limit for all users
Imported Google Group message. Sender:Martin Buhr. Date:Monday, 18 January 2016 13:19:27 UTC.
Yes, you will need two policies, one for users in class 1 (100 p/min) and one for users in class 2 (500 p/min) you can then upgrade and downgrade keys for those policies.
I understand that I can have a policy for a user but how to I have rate limit for the API across all users?
For example I might have 10 req/sec rate limit per user but I do not want the gateway to do 1000 req/sec for a specific API no matter how many unique users make request. This will help to protect a backend or to protect the gateway itself.
This is currently not supported - you can rate limit on a user basis only. You could loop the service back on itself though, and have one API Definition point at another one (localhost), then inject a token into all inbound requests that sets an application-wide rate limit, then the second proxy will handle the application wide limit and the first the user-specific one. Not ideal but it will do what you require.