0

For dynamic-based Quota settings: http://apigee.com/docs/api-services/content/rate-limit-api-traffic-using-quota#dynamic-product-based-quota-settings

I find that when the Developer App has no attribute defined, like verifyapikey.VerifyApiKey.apiproduct.developer.quota.limit, it defaults to 0. This makes the quota check fail.

This requires all new developer-apps created to have the attribute set. How is it possible to have a default quota, if none is set?

Santanu Dey
  • 2,900
  • 3
  • 24
  • 38
mparaz
  • 2,049
  • 3
  • 28
  • 47

4 Answers4

2

There are 2 options that I can think of:

1) The better option is to ensure apps always have that variable you reference for quota populated in the first place. This eliminates the need for 2 variables, and quota policy can be used as you referenced. Furthermore, an admin could override or assign a different quota if necessary. The Dev Connect can be configured to ensure an app custom attribute is assigned upon app creation or registration.

2) Alternatively, you can check from 1 source(like an app custom variable), and then if it does not have value, you can use another source (like the API product quota setting).

Unfortunately, I do not believe this can be done all within the Quota policy. Rather, you could use a service callout policy to set 1 quota variable based on what is available.

That... or you could use 2 different quota policies where either would get triggered based on their conditions. Their conditions would reference the variables you mentioned to check whether they exist (or not).

<Step>
<Condition>(app.quota_var is null)</Condition>
  <Name>QuotaPolicyUsingApiProductQuotaReference</Name>
</Step>
<Step>
  <!-- if the app custom variable is there, you must mean to use it -->
  <Condition>(app.quota_var != null)</Condition>
  <Name>QuotaPolicyUsingAppQuotaReference</Name>
</Step>
akoo1010
  • 606
  • 3
  • 9
0

Quotas can be configured at API product level that get used by the policy. The variable will reflect this configuration.

Srikanth
  • 1,015
  • 12
  • 16
0

The API product is like a "meta-policy"; it acts as a source of values used by other policies to enforce access control and quotas.

Make sure you create a developer, create an app for that developer, and approve the app for at least one API product. When the API proxy checks the key at runtime, it will also resolve the API product and extract the quota settings--effectively matching a key to a 'service plan'.

There's detailed description of the relationships between these entities here:

http://apigee.com/docs/api-services/content/using-edge-management-api-publish-apis

ap-andrew
  • 131
  • 4
  • Thanks. You mean, the API proxy takes attributes for the quotas (and others) from both the API Product, and the Developer app? What I would like is to use the setting from the Developer app, if present, otherwise use the Product - is that the case? – mparaz Jan 24 '14 at 18:34
0

Looking at the Quota schema definition, I see both count and countRef available in Allow.

Have you tried something like this?

<Quota name="CheckQuota"> 
  <Interval>24</Interval>
  <TimeUnit>hour</TimeUnit>
  <Allow count="100" countRef="apiproduct.developer.quota.limit"/>
  <Identifier ref="client_id"/>
</Quota>
Mike Dunker
  • 1,950
  • 15
  • 17