Applies To:Show Versions
- 15.1.0, 15.0.1, 15.0.0
Adding API Rate Limiting to a per-request policy
- On the Main tab, click.
- In the Per-Request Policy column of the API protection profile, clickEdit.The visual policy editor opens the per-request policy in a separate screen.
- On a policy branch, in the location where you want to enforce rate limiting, click+.For example, if the policy includesClassify API Request (RCA), the Request Classification Agent, you may want to apply different levels of rate limiting to different classes of requests and would click the+after that agent.The API Rate Limiting agent has to be located in the main policy branch (or macro) and never in a subroutine.A popup screen displays actions on tabs and provides a search field.
- On the Traffic Management tab, selectAPI Rate Limiting, then clickAdd Item.The API Rate Limiting agent opens.
- ForName, use the default name for the action that appears in the API protection per-request policy (API Rate Limiting, by default).
- ForEnforce BlacklistandEnforce Whitelist, selectEnabledorDisabled.In the agent, blacklists are enabled by default. Whitelists are disabled.If enabled, requests identified in the blacklist are sent to the fallback branch and trigger the selected response.
- To optionally specify aResponse, select one of the responses that were previously developed on the Responses tab of the API protection profile.
- Add at least one Rate Limiting Configuration:
- ClickAdd New Entry.
- From theRate Liming Configurationlist, select a configuration previously developed on the Rate Limiting tab of the API protection profile.
- To assign a weight to API requests identified by this rate limiting configuration, type a number (greater than 0 and less than the quota and spike limit). By default, the weight of every request is 1.If assigning more than one rate limiting configuration, you can assign a higher weight to one of them, for example, so you can control the amount of support provided to different applications.
- To add more configurations, repeat the previous steps. At that point, you can use the arrows on the right to order the configurations for use in the per-request policy.
- By default, a successful and fallback branch is created. You can adjust the branching, if needed.
- At the bottom of the screen, clickSave.