Updated on 2024-04-03 GMT+08:00

Adding an Excluded App or Tenant

Scenario

If you want to control the number of API calls received from a specific app or tenant, add an excluded app or tenant to a request throttling policy.

Prerequisites

You have created an app or obtained an app ID of another account or an account ID.

Adding an Excluded App

  1. Access the shared gateway console.
  2. In the navigation pane, choose API Publishing > Request Throttling.
  3. Click the name of the target request throttling policy.
  4. On the displayed request throttling policy details page, click the Excluded Apps tab.
  5. Click Select Excluded App.
  6. Select an app to exclude. You can use one of the following methods:

    Figure 1 Selecting an app
    • To select an existing app, click Existing, select an app, and enter a threshold.
    • To select an app of other tenants, click Cross-tenant, and enter the app ID and a threshold.

      Excluded app thresholds take precedence over the value of Max. App Requests.

      For example, a request throttling policy has been configured, with Max. API Requests being 10, Max. App Requests being 3, Period being 1 minute, and two excluded apps (max. 2 API requests for app A and max. 4 API requests for app B). If the request throttling policy is bound to an API, apps A and B can access the API 2 and 4 times within 1 minute, respectively.

Adding an Excluded Tenant

  1. Hover the mouse pointer over the username and choose My Credentials from the drop-down list.
  2. On the API Credentials page, view the account ID and project ID.

    Figure 2 Viewing the account ID and project ID

  3. In the navigation pane, choose API Publishing > Request Throttling.
  4. Click the name of the target request throttling policy.
  5. Click the Excluded Tenants tab.
  6. Click Select Excluded Tenant.
  7. In the Select Excluded Tenant dialog box, set the parameters listed in Table 1.

    Figure 3 Adding an excluded tenant
    Table 1 Excluded tenant configuration

    Parameter

    Description

    Account ID

    Account ID or project ID obtained in 2.

    • Enter a project ID if you will bind or have bound this policy to an API that uses app authentication.
    • Enter an account ID if you will bind or have bound this policy to an API that uses IAM authentication.

    Threshold

    The maximum number of times an API can be called by the tenant within a specified period.

    The value of this parameter cannot exceed that of Max. API Requests.

  8. Click OK.

    Excluded tenant thresholds take precedence over the value of Max. User Requests.

    For example, suppose a request throttling policy is configured, with Max. API Requests being 10, Max. User Requests being 3, Period being 1 minute, and two excluded tenants (max. 2 API requests for tenant A and max. 4 API requests for tenant B). If the request throttling policy is bound to an API, tenants A and B can access the API 2 and 4 times within 1 minute, respectively.