Rate limiting – SLA based

 

The Rate limiting – SLA based policy limits the number of requests an API accepts within a defined window of time for a particular SLA. Once the number of requests exceeds the limit for that SLA within the window, further requests are rejected.

The policy is generally used for monetizing API usage. For example, think of a weather API offered as a product that provides weather forecasts. To monetize its usage, the company can define different SLAs such as Free Subscription, Silver Subscription and Gold Subscription.

  • Free Subscription – 10 requests per minute and will be automatically approved
  • Silver Subscription (not free) – 100 requests per minute and will be manually approved
  • Gold Subscription (not free) – 1000 requests per minute and will be manually approved

To start with, we will create a Mule application and connect it with API Manager – please see how we can connect the MuleSoft application to API Manager

After deployment to CloudHub, the API Manager configuration will show as Active


 

Let’s create the different SLAs


 

Free Subscription


 

Silver Subscription

 

Gold Subscription


 

Now we can see all the required subscriptions


 

Now we will apply the Rate limiting – SLA based policy

 

Select Rate limiting – SLA based

 

Now update the policy configuration

 

We can see the following properties

  • Client ID and Secret – the authorization details of the different client applications, created when a client application applies for a particular SLA subscription. client_id and client_secret will be passed as HTTP headers.
  • Clusterizable – to apply the limit at cluster level
  • Expose header – the Rate limiting – SLA based related headers will be passed back to the caller.

These headers are:

      • x-ratelimit-remaining – remaining hits in the current window of time
      • x-ratelimit-limit – maximum number of hits allowed in a window of time
      • x-ratelimit-reset – time in milliseconds until the window resets

Click apply

 

Let’s create different client applications.

  • Mulesy Developer Application – a developer who needs to evaluate the API before purchasing it for actual use.
  • News Agency Application – a news agency that wants to use the APIs for its news website

 

To create an application – go to Exchange – REST API asset

 

Click on Request access

 

Select the API Instance and then create new application

 

Provide the application name

 

Then select the Free Subscription

 

Click request access

 

Similarly we will create News Agency Application with Gold Subscription

 

Click Request access

 

As we have selected manual approval for the Gold Membership SLA, we have to explicitly approve it

Go back to the policy and then to Contracts

 

And approve the pending request

 

When we approve the subscription, the client application owner receives the client ID and secret by email; otherwise they can go to Exchange -> Manage application to get their client ID and secret

 

Now if we test this API in SOAP UI

For Free Subscription

Get the Client ID and Secret – Exchange – My application

SOAP UI – pass client_id and client_secret as header


 

Based on the client ID and secret, the policy knows which SLA the contract belongs to and automatically applies the required SLA

We can see the different Rate limiting – SLA based headers in the response

 

For the 11th request in a 60-second window we will get an HTTP 429 Too Many Requests error like the one below

HTTP/1.1 429 Too Many Requests
Content-Type: application/json; charset=UTF-8
Date: Tue, 02 Jun 2020 06:46:11 GMT
Server: nginx
x-ratelimit-limit: 10
x-ratelimit-remaining: 0
x-ratelimit-reset: 37293
Content-Length: 40
Connection: keep-alive

{
  "error": "Quota has been exceeded"
}
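The behaviour shown above, modelled as an added example (this is not MuleSoft's implementation and not code from the original post): a fixed-window limiter keyed by client_id that applies the Free/Silver/Gold limits from this page and returns the three x-ratelimit headers. The fixed-window algorithm, the 401 response shape, the class name and the sample client IDs and secrets are assumptions made for illustration.

```python
import hmac
import time

# Requests allowed per 60-second window for each SLA tier described on this page.
SLA_TIERS = {"free": 10, "silver": 100, "gold": 1000}
WINDOW_MS = 60_000


def _monotonic_ms():
    return time.monotonic_ns() // 1_000_000


class SlaRateLimiter:
    """Fixed-window limiter keyed by client_id (teaching model, not Mule's code)."""

    def __init__(self, contracts, clock_ms=_monotonic_ms):
        # contracts maps client_id -> (client_secret, tier); constructed sample data.
        self.contracts = contracts
        self.clock_ms = clock_ms
        self.windows = {}  # client_id -> (window_start_ms, hits_in_window)

    def handle(self, headers):
        """Return (status, response_headers, body) for one request."""
        cid = headers.get("client_id", "")
        secret, tier = self.contracts.get(cid, ("", None))
        supplied = headers.get("client_secret", "")
        # Constant-time secret comparison; the 401 shape is an assumption.
        if tier is None or not hmac.compare_digest(secret.encode(), supplied.encode()):
            return 401, {}, {"error": "Invalid client"}
        limit = SLA_TIERS[tier]
        now = self.clock_ms()
        start, hits = self.windows.get(cid, (now, 0))
        if now - start >= WINDOW_MS:  # window expired, start a fresh one
            start, hits = now, 0
        allowed = hits < limit
        if allowed:
            hits += 1
        self.windows[cid] = (start, hits)
        out = {
            "x-ratelimit-limit": str(limit),
            "x-ratelimit-remaining": str(limit - hits),
            "x-ratelimit-reset": str(WINDOW_MS - (now - start)),
        }
        if not allowed:
            return 429, out, {"error": "Quota has been exceeded"}
        return 200, out, {"status": "ok"}
```

Each client_id has its own counter, so a Free client that exhausts its quota does not affect a Gold client calling the same API.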

 


 

For Gold Subscription

Client ID and Secret


 

SOAP UI


 

We can see the Gold Subscription related SLA – 1000 requests in 1 minute

 

Sample application – sample-rest-service-rate-limiting-sla

Sample SOAP UI project – sample-rest-service-rate-limiting-sla-soapui-project

 

  