Rate limiting policy is not being applied dynamically using JWT scope claims mapping

Hi, I am using a trial version of tyk cloud gateway. I have created an api using JWT authentication type. actially I want to rate limit dynamically on the basis of JWT policy claims. I have added two policy and mapped those policy in the API definition . but when I am trying to access the api tyk is not blocking the request as per the rate limit which i set in the policy. Any help would be really appreciated.

My steps are as follows:

  1. created an API

  2. chosen authentication as JWT
    payload of my JWT as below
    “sub”: “37577”,
    “name”: “ratnesh”,
    “iat”: 1516239022,
    “policy”: “user1”

  3. added 2 policy JWT policy1 and JWT policy2

  4. set rate limit 5 per 60 sec for JWT policy1 and 10 per 60 sec for JWT policy2

  5. mapped the JWT scope claims in API definition as
    Claim name Policy name
    user1 JWT policy1
    user2 JWT policy2

  6. I am generating the JWT tokens for both type of policy claims

Now, when I try to hit the API by passing these JWT token Rate limit is not working as expected. for continuous hits I am getting the response no blocking at all.

Hello @avgk and thanks for trying out Tyk Cloud. Are you using the gateway / ingress / edge endpoint to test the JWT and rate limiting behaviour?

If not then kindly go through this thread to tag your API for shading. After that, make your API request using the ingress/edge endpoint and let us know how it goes.

By the way, welcome to the community.

Thanks @Olu for your response !!

I followed your suggestion and tagged my API shading and also using ingress URL now to access the API. Now rate limit policy are working fine but I am keep on getting 404 response when accessing the API from postman.

my service is running on localhost:8080. I have exposed the localhost using NGROK wherein i issue the command “ngrok http 8080”. While I’m trying to access the endpoint, I’m getting Status Code:404 (not found).

Do you have access to the gateway logs?

If you are using Tyk OSS or Tyk Self-Managed, then you could enable debug mode on the gateway in the config file to see the debug logs. I have dropped a sample of a quick request I made

If you can see the logs then you want to be on the look out for the Outbound request URL to be sure there are no transformations going on.

Hi @Olu I am new to tyk and just started exploring It. currently using tyk cloud trial version and I have windows 10 machine. from where I can get this tyk.config file?

Hi @Olu , I caught my mistake. now its working fine and getting the response properly. Thanks for your support !!

That’s Great! Thanks for the update. I am glad I could help.