API rate limiting in Kong
We can limit the rate of an API for a given consumer. For example, GitHub limits clients to make 5000 requests per hour. After that, it throws an API rate limit exceeded error. We can add similar rate limiting constraints for our API using Kong's rate-limiting
plugin.
We can enable it using this API: http://localhost:8001/apis/myapi/plugins
, with POST
name
, config.hour
, and consumer_id
as body parameters:
This API call is creating a rate limiting rule. The consumer_id
is the id of the username johnd
. This JSON response has an ID
{ "created_at": 1509216578000, "config": { "hour": 5000, "redis_database": 0, "policy": "cluster", "hide_client_headers": false, "redis_timeout": 2000, "redis_port": 6379, "limit_by": "consumer", "fault_tolerant": true }, "id": "b087a740-62a2-467a-96b5-9cee1871a368", "enabled": true, "name": "rate-limiting", "api_id": "795409ae-89ae-4810-8520-15418b96161f", "consumer_id": "df024acb-5cbd-4e4d-b3ed...