wso2~高级限流策略

• https://apim.docs.wso2.com/en/3.1.0/learn/rate-limiting/adding-new-throttling-policies/
• https://apim.docs.wso2.com/en/3.2.0/learn/rate-limiting/setting-throttling-limits/

对api资源的ip,请求头，请求参数，jwt解析信息的限流规则，让限流更细粒度。

api级别策略

admin平台中的Advanced Rate Limiting Policies，需要你在publisher平台api的resourcs菜单中选择API LEVEL才可以配置高级策略

• 在deployment.toml中开启几个特性的限流

wso2:
 apim:
  configurations:
   throttling:
        enableUnlimitedTier: true
        enableHeaderBasedThrottling: true
        enableJwtClaimBasedThrottling: true
        enableQueryParamBasedThrottling: true

application级别策略

admin平台中的Application Rate Limiting Policies

api被某个应用订阅级别策略

admin平台中的https://test-apim.pkulaw.com/admin/throttling/subscription

限流返回值

• handWidth带宽限制和requests请求数限制的返回值，状态码429，内容如下：
• 限流达到限制后，在下一个周期到来之前，用户是不能再正常访问资源的

{
    "code": "900804",
    "message": "Message throttled out",
    "description": "You have exceeded your quota .You can access API after 2025-Jun-26 04:00:00+0000 UTC",
    "nextAccessTime": "2025-Jun-26 04:00:00+0000 UTC"
}