Throttling
It controls the maximum number of API requests that can be fired in a particular duration for the specified <operation>.
Possible Locations
Attributes
| Name | Type | Description |
|---|---|---|
| name required |
String | Name of throttling. |
| threshold required |
Integer (positive) | The maximum number of allowed requests for the specified duration. |
| duration required |
Integer (milliseconds) | The time period for which you allow the user to make the maximum number of calls (threshold). |
| lock-period | Integer (milliseconds) | The time period for which the operation should be locked, if the user exceeds the threshold. |
| type required |
String (enum) | It states whether the declared throttling is applicable at the organization or the IP level. The possible values are global and ip.
|
Note:
- The values of the attributes name, threshold, duration, lock-period and type will be used to set up security rules for the API Gateway.
- The attribute name is mandatory only when throttling comes under <components>.
Example
Consider that we want to control the number of possible requests in the GET operation of trips resource. Following are its details,
copy
1 minute: 50 calls
Calls beyond the threshold: Operation should be locked for 2 minutes.
This throttling has to be implemented at the organizational level.
Now write the throttling for the trips resource as shown here,
copy
<throttling name="throttle" threshold="50" duration="60000" lock-period="120000" type="global"/>
Last Updated 2025-05-30 16:54:59 +0530 +0530
Yes
No
Thank you for your feedback!
Send your feedback to us
Skip
Submit