[Apiman-user] APIMAN rate limiting policy granularity
Eric Wittmann
eric.wittmann at redhat.com
Fri May 27 09:04:27 EDT 2016
(adding the apiman-user list for posterity)
Thanks for the question. Here are definitions of these two granularities:
User: only possible when also using Authentication (basic or oauth),
the granularity is based off the username of the authenticated user as
well as the API information. In other words, the "rate limiting counter
id" for this would be:
username+apiOrgId+apiId+apiVersion
Client: only possible for non-public APIs - this is based off the API
Key of the client app issuing the rquest. In other words, the "rate
limiting counter id" for this would be:
API Key+apiOrgId+apiId+apiVersion
I hope that helps!
-Eric
On 5/26/2016 3:40 PM, Subbarao Denduluri wrote:
> The granularity shows: user , api and client. What is the difference between user and client. And also thinking of putting the policy at the APIKEY level. Does that mean the user level?
>
> thanks
>
More information about the Apiman-user
mailing list