Rate Limit By Client

Azure Developer 1 Reputation point
2021-03-29T22:28:07.703+00:00

There is a product available in our API manager and use by multiple client applications in our organization.

We want to define a rate limit (quota limit) for the client, so that if the limit is exceeded, we will stop all incoming requests.

Example: We have a payment product and are consuming three customers (C1, C2, C3)

For C1 - No of Requests for sec -- 1000
For C2 - No of Requests for sec -- 5000
For C3 - No of Requests for sec -- 10000

is there any way to handle this validation in the product policy file based on the client-id?

Note: We have a single product for all the clients.

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,752 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JayaC-MSFT 5,526 Reputation points
    2021-04-06T13:22:29.41+00:00

    Hello @Azure Developer , you may consider separate subscriptions for the user groups / clients , e.g. 

    rate-limit-by-key calls="10" renewal-period="15" counter-key="@(context.Subscription.Id)"

    Otherwise you can achieve this by using any user-agent or userKey and send as a request parameter

    e.g. 

    rate-limit-by-key calls="10" renewal-period="15" counter-key="@(context.Request.Url.Query.GetValueOrDefault("userKey", ""))"

    You may also check the context.Request.IpAddress if that helps.

    https://learn.microsoft.com/en-us/azure/api-management/api-management-policy-expressions#ContextVariables

    0 comments