Skip to main content
In this scenario, the application of the API Based Quota policy to a Mock API created on Apinizer will be tested. The Quota policy limits the total number of requests that can be made in a certain time period. This policy is generally used to provide longer-term usage control (for example, giving a specific user permission for 1000 requests within one day or one month). In the scenario, we will limit incoming requests to 100 requests in a 1-day time period. Let’s create a Mock API example and add the policy. We add API Based Quota as a policy. In the scenario, let’s limit incoming requests to 100 requests for 1 day using the Fixed Window (Fixed Window) method.
  • If the period is set to 1 and day is selected:
  • For example, if the policy was saved at 12:00:00, this policy will be valid between 00:00:00 and 23:59:59 within the current day.
  • At 00:00:00 the next day, a new window starts and the counter resets.
FieldDescription
Permitted Message CountThe number of requests allowed. We set this to 100 in this scenario.
Interval Time AmountThe period determined according to the selected time unit. We set this to 1 in this scenario.
Interval Time UnitTime unit. We set this to day in this scenario.
Target-Specific Quota RulesSpecial quota limits are defined for each target.
Interval Window TypeMethod used to apply the time interval. 1-day time periods in Fixed type.
Cache Connection Timeout (Second)Specify the connection timeout value for the connection between the policy and cache.
Action for Cache Connection ErrorIf there is a connection problem with cache, it is determined whether to return an error (Fail is selected) or continue without applying the request limit (Continue is selected).
When we send a sample request from the test console, the message was blocked because the restriction limit was reached after the 100th request within the time range between 00:00:00 and 23:59:59 on the current day.

Target-Specific Quota Rules (Target-Specific Quota Rules)

Thanks to this feature, you can define special quota limitations for specific users or targets. We add API Based Quota as a policy.
  • Using Target-Specific Quota Rules (Target-Specific Quota Rules), special quota limits can be determined based on users (based on header, body, or another field). While limiting incoming requests to 100 requests for 1 day using the Fixed Window (Fixed Window) method in the general policy, a limit of maximum 5 requests per hour can be defined for the user1 user at the same time.
  • In the Fixed Window method, if the period is set to 1 and day is selected:
  • For example, if the policy was saved at 12:00:00, this policy will be valid between 00:00:00 and 23:59:59 within the current day, and 100 requests can be made as a general rule during this period.
  • At 00:00:00 the next day, a new window starts and the counter resets.
  • For the user1 user we defined with Target-Specific Quota Rules, an hourly limit has been determined. If an hour period starts at 00:00:00, this covers the period between 00:00:00 and 00:59:59, and the user1 user can make a maximum of 5 requests in this time range. In the next hour period (01:00:00), the counter resets.
When we send a sample request from the test console, when we send a request with the user1 user from the username Header, the message was blocked because the restriction limit was reached after the 5th request within the time range between 00:00:00 and 00:59:59 at the current hour.