The Rate Limiting Policy governs the number of times requests made to an API within a specified time period. The requests can be filtered by user, application or API and can set the level of granularity for the time period to second, minute, hour, day, month or year. The intended use of this policy is for fine grained processing, for example limiting the requests to 10 per second.
Configuration Options
Basic Configuration
| Option | Description | Possible Values | Default |
|---|---|---|---|
| Number | Number of requests that must be received before the policy will trigger. | The maximum value you can specify is 9007199254740991 (253 - 1). | - |
| Granularity | The element for which the requests are counted. |
| None |
| Period | The time period over which the policy is applied. |
| None |
Advanced Configuration
Use the advanced options to configure the rate-limiting response headers. These headers convey useful information to clients, such as the limits imposed and when to reset the rate period. Override the default header names by entering your own.
| Option | Description | Possible Values | Default |
|---|---|---|---|
| Limit Response Header | Optional. HTTP response header the API Management will use to store the limit being applied. | a string | X-RateLimit-Limit |
| Remaining Response Header | Optional. HTTP response header the API Management will use to store how many requests remain before the limit is reached. | a string | X-RateLimit-Remaining |
| Reset Response Header | Optional. HTTP response header the API Management will use to store the number of seconds until the limit is reset. | a string | X-RateLimit-Reset |
Overview
Content Tools