We will proceed by explaining the application of throttling based on variable content through an example scenario.
Example Scenario:
- Users can send SMS messages to specified phone numbers through an API service.
- From the same user, a maximum of 10 SMS messages can be sent to the same phone number within one minute.
- If the number of SMS messages sent from the same user to the same phone number exceeds 10, the SMS API should return an error message to the user, the request should not reach the SMS API, meaning the SMS should not be sent to the user.
Solution:
In Apinizer, in the existing throttling policy, a limitation can be applied to the target variable definition where throttling can be performed based on "one" variable.
In this scenario, throttling should be applied based on both the user and the phone number.
To achieve this, a "Custom Variable" can be created, and both the user and the phone number values can be assigned to it. Then, throttling policy will be applied based on this custom "one" variable.
Implementation of the Scenario:
Firstly, a Custom Variable is created. Such variables only exist within the flow they are used in.
This scenario is applied at the request pipeline. The values of the username and phone number are retrieved from the request header fields.
In the scenario, both Business Rule and API Based Throttling policies are used.
With the Business Rule policy, the username and phone number sent in the request header are added to the Custom Variable.
The Custom Variable containing two values is added to the Apply by field within the API Based Throttling policy. The number of messages and the duration are specified.
Afterward, the API Proxy is deployed.
When the scenario is implemented, for requests that are throttled, an error message is returned to the user as follows: