API Keys have top-level fields of “rate”, “per”, “quota_remaining” etc. as well as the ones within the “access_rights” objects:
GET /tyk/keys/{api_key}
{
...
"rate": 30,
"per": 30,
"quota_max": 20,
"quota_renews": 0,
"quota_remaining": 0,
"quota_renewal_rate": 60,
"access_rights": {
"my-api": {
"api_name": "My API",
"api_id": "my-api",
"versions": [
"Default"
],
"allowed_urls": [],
"restricted_types": null,
"limit": {
"rate": 30,
"per": 30,
"throttle_interval": 0,
"throttle_retry_limit": 0,
"max_query_depth": 0,
"quota_max": 20,
"quota_renews": 0,
"quota_remaining": 20,
"quota_renewal_rate": 60
},
"field_access_rights": null,
"allowance_scope": ""
}
},
"org_id": "my-org",
"is_inactive": false,
"apply_policy_id": "",
"apply_policies": [
"my-api-silver"
],
...
}
Which API do those top-level limits refer to and how are they applied when you have multiple APIs listed in your “access_rights” object (because you have multiple “apply_policies” listed)?