Log in to the API Store and select an API (e.g.,
PhoneVerification 1.0.0.)Subscribe to the API if you haven't done so already.
Choose to go to the My Subscriptions page and generate an access token. If you already have an access token for the application, you have to regenerate it after 1 hour.
Let's invoke this API.Go to the API Console tab and expand the GET method.
Give values to the parameters and click Try it out to invoke the API.
Note the response that appears in the API Console. As we used a valid phone number in this example, the response returns as valid.
- Within a minute after the first API invocation, make another attempt to invoke the API.
- Note that you get a throttling error saying that you exceeded your quota. This is because you subscribed to the API on the Bronze throttling tier and the Bronze tier only allows you to make one call to the API per minute.
In the REST client, select the DELETE method and invoke the API again.
- The call gets blocked by the API Gateway. It doesn't reach your backend services as you did not allow the DELETE method for the resource when creating the API.
- In the REST client, select the GET method again but this time, give the resource name as
CheckPhoneNumbersinstead ofCheckPhoneNumber.
- Again, you get the same 'no matching resource' message that you got in step 9. This is because you are trying to access a REST resource that is not defined for the API.
You have seen how the API Gateway enforces throttling and resource access policies for APIs.