I am using Azure API Management to manage my Web Apps in Azure.
However, I want to make some of my APIs public, and do not want the user to subscribe to those.
The unsubscribed users must only be able to make 10 calls per minute.
I created a new subscription without any key and added the rate-limit policy (10 calls per minute) to it, however, when I make 10 calls in 10 seconds, I get 429 status code, which is pretty much understood.
But within the same time duration (one minute), if I make calls to the same API from a different device, I still get the 429 status code.
From the second device, the user must be able to access the API, since it has not accessed the API at all.
How can this be achieved in Azure API Management?
1 Answer
By reading the following document, I have found the solution.
<rate-limit-by-key calls="10"
                   renewal-period="60"
                   counter-key="@(context.Request.IpAddress)" />
<quota-by-key calls="1000000"
              bandwidth="10000"
              renewal-period="2629800"
              counter-key="@(context.Request.IpAddress)" />
However, there is a strange thing happening with it.
I have set renewal-period="60" in API Management.
When I make the requests (10 requests in approx. 10 secs) using the first device (connected via wifi), I get 429 status code and the message as "message": "Rate limit is exceeded. Try again in 34 seconds."
However, when I make the requests (10 requests in approx. 10 secs) using the second device (mobile phone connected via cellular network), I should be getting a message indicating that retry in 50 or 60 seconds.
What I get on the second device is the following: "message": "Rate limit is exceeded. Try again in 24 seconds."
Which is sort of strange, since the time indicates the renewal time for the first device.
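Added example, not part of the original question or answer: a simplified fixed-window model in Python that replays the same two-device traffic against a counter shared by the whole keyless subscription (the question's setup) and against a counter keyed on the client IP (the answer's policy). The class, function names and sample addresses are constructed for illustration; this is not API Management's implementation and it does not model how the gateway computes the "Try again in N seconds" value.

```python
from collections import defaultdict

CALLS = 10            # calls="10" from the policy above
RENEWAL_PERIOD = 60   # renewal-period="60", in seconds


class FixedWindowLimiter:
    """Assumed model: one counter per key, reset once the window has expired."""

    def __init__(self, key_func, calls=CALLS, period=RENEWAL_PERIOD):
        self.key_func = key_func
        self.calls = calls
        self.period = period
        self.windows = {}  # key -> (window_start, count)

    def handle(self, request, now):
        """Return the HTTP status this model sends for one request."""
        key = self.key_func(request)
        start, count = self.windows.get(key, (now, 0))
        if now - start >= self.period:      # window expired: start a new one
            start, count = now, 0
        allowed = count < self.calls
        self.windows[key] = (start, count + 1 if allowed else count)
        return 200 if allowed else 429


def replay(limiter, traffic):
    """Feed (time, request) pairs through the limiter; collect statuses per IP."""
    result = defaultdict(list)
    for now, req in traffic:
        result[req["ip"]].append(limiter.handle(req, now))
    return dict(result)


def by_subscription(req):
    return req["subscription"]   # every caller of the keyless subscription shares it

def by_ip(req):
    return req["ip"]             # counter-key="@(context.Request.IpAddress)"


# Constructed traffic: device A (Wi-Fi) makes 11 calls in about 10 s, then
# device B (cellular) makes 3 calls later in the same minute.
WIFI, CELL = "198.51.100.7", "203.0.113.42"   # documentation-range addresses
TRAFFIC = [(t, {"ip": WIFI, "subscription": "public"}) for t in range(11)]
TRAFFIC += [(20 + t, {"ip": CELL, "subscription": "public"}) for t in range(3)]

if __name__ == "__main__":
    print("shared counter:", replay(FixedWindowLimiter(by_subscription), TRAFFIC))
    print("per-IP counter:", replay(FixedWindowLimiter(by_ip), TRAFFIC))
```

With the shared counter the second device is rejected on its first call because the first device already used the budget; with the per-IP key each address gets its own 10 calls. Clients behind the same NAT or proxy share one address and therefore one counter.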