Hi All,
We have 1 SOAP based API with 50+ SOAP operations as part of it.
There are 3 products having access to it and corresponding 3 apps too.
We need to limit access as -
We use OAuth 2.0 client credentials to protect the API.
The approach followed to limit the access is Option 2 presented in https://www.googlecloudcommunity.com/gc/Apigee/limit-access-for-SOAP-web-methods-in-apigee-api/m-p/3...
In addition to the above, we also need to rate limit the access to each of the operations within the product as follows -
Any solution to achieve this will be appreciated.
Regards,
Ian
You can do what you describe with the Apigee Quota policy.
But you cannot rely on the built-in configuration options for rate limiting. Those options assume that there is a single rate limit that applies to all requests. It is possible to apply a "greater weight" to a particular request, but still , there is a single overall limit, a single counter per ... user. or app.
What you want is a variety of different rate limits. 25 of this type of transaction, AS WELL AS , 5 of this other type, AS WELL AS, 15 of this other type. Those are all distinct rate limits. You can do that, but to make it happen you need 2 things
Once you have those things, you just call the Quota policy, referring to the dynamic values you looked up.