Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Throttling allows you to limit the number of hits to an API during a given period of time, typically in cases such as the following:

...

Resource-level throttling is defined to HTTP verbs of an API's resources by the developer at the time an API is created using the Publisher. When a subscriber views an API using the API Store, s/he can see the resource-level throttling tiers using the Throttle Info tab as follows:

...

Subscribers are not allowed to change these throttling tiers. They are simply notified of the limitations.

IP-level throttling

In IP address based throttling, you can limit the number of requests sent by a client IP (e.g., 10 calls from single client). For example, the throttling policy shown below allows only 1 API call per minute for a client from 10.1.1.1 and 2 calls per minute for a client from any other IP address:

 

Code Block
languagehtml/xml
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"  

xmlns:throttle="http://www.wso2.org/products/wso2commons/throttle">   
<throttle:MediatorThrottleAssertion>    
<wsp:Policy>            
<throttle:ID throttle:type="IP">10.1.1.1</throttle:ID>            
<wsp:Policy>                
<throttle:Control>                    
<wsp:Policy>                        
<throttle:MaximumCount>1</throttle:MaximumCount>                        
<throttle:UnitTime>60000</throttle:UnitTime>                    
</wsp:Policy>                
</throttle:Control>           
</wsp:Policy>        
</wsp:Policy>
     
<wsp:Policy>            
<throttle:ID throttle:type="IP">other</throttle:ID>            
<wsp:Policy>                
<throttle:Control>                    
<wsp:Policy>                        
<throttle:MaximumCount>2</throttle:MaximumCount>                        
<throttle:UnitTime>60000</throttle:UnitTime>                   
 </wsp:Policy>                
</throttle:Control>            
</wsp:Policy>        
</wsp:Policy>    
</throttle:MediatorThrottleAssertion></wsp:Policy> 
 

How throttling tiers work

...

  1. The following throttling policy allows 1000 concurrent requests to a service.

    Code Block
    languagehtml/xml
    <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:throttle="http://www.wso2.org/products/wso2commons/throttle"
                wsu:Id="WSO2MediatorThrottlingPolicy">
        <throttle:MediatorThrottleAssertion>
            <throttle:MaximumConcurrentAccess>1000</throttle:MaximumConcurrentAccess>
            <wsp:Policy>
                <throttle:ID throttle:type="IP">other</throttle:ID>           
            </wsp:Policy>
        </throttle:MediatorThrottleAssertion>
    </wsp:Policy>
  2. Start the API Manager, log in to its management console (https://localhost:9443/carbon) and click the Resource > Browse menu to view the registry.
  3. Click the goverence/apimgt/applicationdata path to go to its detailed view.
    Image Modified
  4. In the detail view, click the Resource link and upload the created policy file to the server as a registry resource.
  5. In the management console, select the Service Bus > Source View menu.

  6. The configurations of all APIs created in the API Manager instance opens. To engage the policy to a selected API, add it to your API definition. In this example, we add it to the login API.

    Code Block
    languagehtml/xml
    <?xml version="1.0" encoding="UTF-8"?><api xmlns="http://ws.apache.org/ns/synapse" 
    name="_WSO2AMLoginAPI_" context="/login">
        <resource methods="POST" url-mapping="/*">
            <inSequence>
                <send>
                    <endpoint>
                        <address uri="https://localhost:9493/oauth2/token"/>
                    </endpoint>
                </send>
            </inSequence>
            <outSequence>
                <send/>
            </outSequence>
        </resource>
        <handlers>
     <handler class="org.wso2.carbon.apimgt.gateway.handlers.throttling.APIThrottleHandler">
           <property name="id" value="A"/>
           <property name="policyKey" value="gov:/apimgt/applicationdata/throttle.xml"/>
           </handler> 
    <handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerExtensionHandler"/>
        </handlers>
    </api>
    Note

    Be sure to specify the same path used in step 3 in the policy key of your API definition.

  7. You have successfully engaged a throttling policy to an API.

Go back to Tier Availability section in Creating an API page.