Enforcing quotas with oauth2

I am trying to enforce an app quota using custom attributes for a proxy that is secured using an oAuth2 policy, but am unable to resolve any of my custom attributes. The attributes interval, timeUnit and count are defined properly for the app, and all contain valid values. I appear to have a problem with how I defined the references in the Quota policy, but I'm not sure what the issue is. Any ideas?

Error Message:

Failed to resolve quota interval reference oauthv2.verify-oauth-v2-access-token.app.interval in quota policy {1}

Note: The same error appears for the other two attributes as well (not shown).

OAuthV2 Policy:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<OAuthV2 async="false" continueOnError="false" enabled="true" name="verify-oauth-v2-access-token">
<DisplayName>Verify OAuth v2.0 Access Token</DisplayName>
<Operation>VerifyAccessToken</Operation>
</OAuthV2>

Quota Policy:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Quota async="false" continueOnError="false" enabled="true" name="Quota-App" type="flexi">
<Interval ref="oauthv2.verify-oauth-v2-access-token.app.interval"/>
<TimeUnit ref="oauthv2.verify-oauth-v2-access-token.app.timeUnit"/>
<Allow countRef="oauthv2.verify-oauth-v2-access-token.app.count"/>
</Quota>

Solved Solved
0 2 539
1 ACCEPTED SOLUTION

sidd-harth
Participant V

Hi @David Johns, when we use OAuth verify access token policy, the custom attributes from products are referenced in a different way.

It should be something like, apiproduct.*

apiproduct.quota.interval
apiproduct.quota.limit 
apiproduct.quota.timeunit

8157-product.png

When in doubt check the Trace session,

8156-quota.png

View solution in original post

2 REPLIES 2

sidd-harth
Participant V

Hi @David Johns, when we use OAuth verify access token policy, the custom attributes from products are referenced in a different way.

It should be something like, apiproduct.*

apiproduct.quota.interval
apiproduct.quota.limit 
apiproduct.quota.timeunit

8157-product.png

When in doubt check the Trace session,

8156-quota.png

Thank you @Siddharth Barahalikar !

Running a trace session made it simple to see all the active variables and their corresponding values. Working great now.