User quota settings determine the maximum number of requests that API consumers can send to your APIs within a defined time period.
You set the user quota limit at the key collection level and apply the settings to all keys included in the collection. As long as an API key has a remaining quota, API consumers can use the key to access your endpoints and resources. When a key's quota reaches its limit, edge servers stop forwarding the requests made with the key to your origin server. The key regains its full quota after either the scheduled automatic quota reset, or after a manual reset. For information on the manual quota reset for individual keys, see Reset key quota.
Staging and production environments have the same quota counters for API keys. This means that when you make test requests with an API key in the staging environment, you also increase the key's quota counter in the production environment. To ensure that your activity in the staging environment does not influence the production quota, create and use separate API keys for testing purposes.
You can provide details about a key's current quota status to the clients that send requests to your API. The details are passed via the quota limit response headers and include:
|X-RateLimit-Limit||The request limit per specified unit of time.||100|
|X-RateLimit-Remaining||The remaining number of requests that API consumers can send in the current time window.||75|
|X-RateLimit-Reset||The UTC epoch timestamp indicating the time of the next quota reset. Sent only when quota remains.||1521214822|
|X-RateLimit-Next||The UTC epoch timestamp indicating the time of the next quota reset. Sent only when quota is full.||1521215291|
At any time, you can change the collection-level quota settings, including allowed requests per time unit and headers, by editing the information included in the Quota settings section.
You can set a user quota limit, which is the maximum number of requests that your API can respond to within a specific time period, for keys included in a key collection. When the quota reaches its limit, edge servers stop forwarding traffic to your origin server until the quota resets. You can also decide whether to send quota limit headers in response to API requests.
You can also complete this task by using the Keys and Traffic Management API. Run the Edit quota settings operation.
In API Keys and Traffic Management, from the Key collections list on the left, select the collection you want to set a user quota limit for.
In the collection panel, click next to Quota settings.
In the Edit quota settings window, set the Enable quota switch to Yes.
Additional fields appear.
In the Each key is allowed area:
a. In the text field, enter the maximum number of requests each key in the collection can successfully make, in the 100 – 1000000000 range.
Staging and production environments have the same quota counters for API keys.
b. From the drop-down menu, select the time period for the quota limit.
The drop-down menu determines how often the system should reset the quota. The times of the quota reset are fixed and you cannot change them. The following table lists the values available and their corresponding fixed reset times in the UTC time format.
|Hour||The start of each hour, XX:00:00 UTC|
|6 Hours||00:00:00 UTC, 06:00:00 UTC, 12:00:00 UTC, 18:00:00 UTC|
|12 Hours||00:00:00 UTC, 12:00:00 UTC|
|Week||The start of each week (Monday), 00:00:00 UTC|
|Month||The start of each month, 00:00:00 UTC|
When you decrease the user quota reset period after using some of it, the UI displays the used quota even after the new, shorter period passed. When there’s some new traffic, the usage gets in synch with the counter, and it continues to grow within new period.
- Optional: In the Quota headers section, select the response headers to return when the quota remains or when the quota is at its limit.
- To confirm the changes, click Update quota.
Updated 3 months ago