Introduction
This is part 4 of a series of blog posts where I will be talking about how rate-limiting is configured. We will look at the developer's perspective of the API (developer portal).
In the last post we published the "yo-blog" API via the publisher portal. The URL of the publisher & developer portal is https://mgtdemo.portal.azure-api.net/. In this post we will need to log into this portal as both:
- An API Publisher
- An API consuming developer (using the API)
Rate Limiting & Products
Rate limiting is tied to the "Products"."Products" essentially refer to your API offerings. In this example we will create an API offering with the following settings.
Name | Api Testing Plan |
Description | Subscribers will be able to run 1 call/minute up to a maximum of 20 calls/month. |
Approval | Administrator approval is required. |
Requires subscription | Yes |
Subscription Requires Approval | Yes |
Multiple simultaneous subscriptions | No |
Allowed Groups | Administrators, Developers, Guests |
Quota | 10 calls per 10 days |
Rate Limit | 1 call per minute |
To accomplish this, log into the publisher portal & click "Products" & click
ADD Product". Then follow the screenshots below.
Click Products & then click ADD PRODUCT
Then add the details for the new product. Then click Save.
Then click on the newly created product
Next navigate to visibility & check the appropriate visibility then save
Also, don't forget to "Publish" your APIs.
Rate limiting a product
You now need to click on policies & then click Add Policy
As you can see, a policy does not exist for the "Api Testing Plan". Click it to create one.
You then need to click the option to "Limit call rate per subscription". This should automatically set the correct XML config like so: (check next image)
After modifying the values, your XML looks like so ..
Your rate limit is 1/ per 60 seconds & quota is 10 calls per 10 days
Assign the Product to an API
You need to navigate to your API, then navigate to the Product tab & delete the "Starter" Product & add the "API Testing Plan" product.
Consuming the API
Now that the APIs have been published, lets look at what a consuming developer experiences.
Our APIs are now published & available at the API Portal https://mgtdemo.portal.azure-api.net. When they navigate to the URL, they will see a default home page. If your API's product allows for "Guest" visibility & DOES NOT require subscription, your API definition will also be visible. This means by default, any API linked to a "Starter" product offering will be visible without logging in.
(More to come ...)
I will be writing a series of posts to cover this topic, stay tuned ..
- Part 1: Azure API Management - An introduction
- Part 2: Azure API Management - Your back-end api
- Part 3: Azure API Management - Creating a gateway & exposing your api
- Part 4: Azure API Management - Add rate limiting & consuming the api
- Part 5: Azure API Management - Add security