Implementing API Based Throttling - Fixed Time Intervals
In this scenario, the application of API Based Throttling policy to the Mock API created on Apinizer will be tested.
Using throttling for services is a way to limit the amount of requests by preventing overload.
In the scenario, we can divide the incoming requests into equal time intervals of 5 minutes so that only 10 requests are accepted every 5 minutes.
Create a mock api instance and add the policy.
We are adding API Based Throttling as a policy.
In the scenario, let's limit incoming requests to 10 requests in 5 minutes using the Fixed Window method.
- If the period is set to 5 minutes and for example the policy is saved at 12:00:00.
- Requests between 12:00:00 and 12:04:59 are counted in the same window.
- At 12:05:00 a new window starts and the counter is reset.
| Field | Description |
|---|---|
| Show Rate Limit Statistics in Response Header | If enabled, it displays the limit statistics for the ratio in the response header. |
| Message Count | The number of requests allowed. In this scenario we set it as 10. |
| Interval Time Amount | It is the period determined according to the selected time unit. In this scenario, we set it as 5. |
| Interval Time Unit | Unit of time. In this scenario we set it in minutes. |
| Specific throttling limits are defined for each target. | |
| Interval Window Type | The method used to apply the time interval. Time periods of 5 minutes of type Fixed. |
| Cache Connection Timeout (Second) | Specify the connection timeout value for the connection between the policy and the cache. |
If there is a connection problem with the cache, return an error (select Fail ) or continue without applying the request constraint (select Continue ). |
When we sent a sample request from the test console, the message was blocked because the restriction limit was reached after the 10th request between 14:00:00 and 14:04:59 at the current time.
Target-Specific Throttling Rules
With this feature you can define custom throttling limitations for specific users or targets.
We add API Based Throttling as a policy.
- By using Target-Specific Throttling Rules, special quota limits can be set based on user (header, body or any other field). In the general policy, while limiting incoming requests to 100 requests for 5 minutes with the Fixed Window method, a maximum limit of 5 requests in 5 minutes can be defined for user1.
- In the Fixed Window method, if the period is set to 5 and the minute is selected:
- For example, if the policy is saved at 12:00:00, this policy will be valid between 12:00:00 and 12:04:59 on the current day and 100 requests can be made during this period as a general rule.
- For user1, which we defined with Target-Specific Quota Rules, a minute-based limit is set. If a 5-minute period starts at 12:00:00, this covers the period between 12:00:00 and 12:04:59 and user1 can make a maximum of 5 requests in this time interval. At the next 5-minute slot (12:05:00) the counter is reset to zero.
- In the next 5 minute period (e.g. between 12:05:00 and 12:09:59), a new 100 requests will be granted for the general policy and user1 will be granted 5 requests again.
When we send a sample request from the test console, when we send a request with user1 from the username header, the message was blocked because the restriction limit was reached after the 5th request between 12:00:00 and 12:04:59 at the current time.
