Rate Limit Policy

The Rate Limit Policy is designed to protect your API from excessive usage by controlling the number of requests a client can make within a specified time frame. This policy helps ensure fair usage, prevents abuse, and maintains the overall performance and availability of your API.

Key Features

• Request Throttling: Limit the number of API calls that can be made in a given time period (e.g., per second, minute, or hour).
• Client-Specific Limits: Apply different rate limits based on API keys, or IP addresses.
• Customizable Time Windows: Define the duration for which the rate limit applies, allowing you to tailor the policy to your specific needs.
• Error Handling: Automatically respond with appropriate error messages (e.g., HTTP 429 Too Many Requests) when the limit is exceeded.

How It Works

1. Request Monitoring:

   • Each incoming API request is monitored and counted against the configured rate limit.

2. Limit Evaluation:

   • The system checks whether the number of requests from a specific client (or API key) has exceeded the allowed threshold within the defined time window.

3. Access Decision:

   • Within Limits: The request is processed normally.
   • Exceeded Limits: The request is rejected, and an error response is sent back to the client, indicating that the rate limit has been exceeded.

Steps

• Add the Basic Rate Limit Policy
• Provide values for Count, Interval, Rejection Code and Rejection Message
• Deploy and test