All Products
Search
Document Center

:Throttling policies

Last Updated:Feb 07, 2023

Throttling policies and APIs are separately managed. A throttling policy takes effect only on APIs that are bound to the policy.

You can add special users and apps to an existing throttling policy. The special users and apps also take effect only on the APIs that are bound to the policy.

You can configure a threshold for an API, a user, and an app in a throttling policy. The unit of throttling can be second, minute, hour, or day. Before you use a throttling policy, take note of the following rules:

  • The dimensions in the following table are covered in a throttling policy.

    API-level throttling threshold

    The maximum number of times that an API bound to a throttling policy can be called within a specific unit of time. The unit of time can be second, minute, hour, or day. For example, you can set the threshold to 5,000 times per minute.

    App-level throttling threshold

    The maximum number of times that an app can call an API that is bound to a throttling policy within a specific unit of time. For example, you can set this threshold to 50,000 times per hour.

    User-level throttling threshold

    The maximum number of times that an Alibaba Cloud account can call an API bound to a throttling policy within a specific unit of time. Multiple apps may exist in an Alibaba Cloud account. This throttling threshold limits the total number of API calls that all apps in an Alibaba Cloud account can initiate. For example, you can set this threshold to 500,000 times per day.

    You can specify all preceding thresholds in one throttling policy. The user-level throttling threshold cannot be greater than the API-level throttling threshold, and the app-level throttling threshold cannot be greater than the user-level throttling threshold.

    You can also add special apps and users to a throttling policy. Only the API-level throttling threshold in the throttling policy applies to these special apps and users. However, you must configure a special throttling threshold for each of the special users and apps. The value of the special throttling threshold cannot be greater than the API-level throttling threshold.

  • Similar to creating a signature key, you must select a region when you create a throttling policy. You cannot change the region after you create a policy. Meanwhile, the throttling policy that you create is applied to only the APIs in the selected region.

  • By default, API Gateway limits the queries that all APIs in each API group can initiate per second to 500. When you specify the value of API-level throttling threshold, you must consider this limit.

  • Bind a throttling policy to APIs. You can bind a throttling policy to multiple APIs. The configurations of the throttling policy, such as the thresholds, special users, and special apps, take effect on each bound API. If you bind a throttling policy to an API that is already bound to another throttling policy, the new policy replaces the previous policy and takes effect immediately.

  • Add special users and apps. If you want to add a special app to a throttling policy, you must obtain the ID of the app. If you want to add a special user to a throttling policy, you must obtain the user ID of the Alibaba Cloud account.

  • In the API Gateway console, you can create, modify, delete, and view a throttling policy. You can also unbind a throttling policy from an API. You can also add special users or apps to or remove special users or apps from a throttling policy.