Rate limiting plays a crucial role in your API security by capping the number of requests allowed in a given period.
Let's talk more about it. 🧵👇🏻
When designing an API, you follow various best practices to ensure your API’s performance and success. Rate limiting is one of them.
Rate limiting is the process through which you limit the amount of traffic coming to your API from a single IP address.
Rate limiting is essential for security.
Suppose an attacker tries to tank your server by launching a DDoS attack. Rate limiting will stop serving the API requests once they reach a certain threshold.
API rate limiting also helps make your API scalable.
Unexpected spikes in traffic will cause lag, but having rate limiting in place will keep your API running for other developers.
This rate-limiting level focuses on controlling traffic from individual IP addresses to ensure that users do not go above their specified limit.
📌 API-Level Rate Limiting
This rate-limiting type deals with all the traffic coming to the API from all the users. It ensures that the overall API rate limit is not exceeded.
Methods of API Rate Limiting
Here are three methods you can use for API rate limiting. 👇🏻
1️⃣ Hard Stop
Your API consumers will get an error when they call the API over the limit.
2️⃣ Soft Stop
You can implement a small period where the API calls will continue to succeed after reaching the limit.
You can use this period to let your API consumer know that they may have to subscribe to a new plan.
3️⃣ Throttled Stop
Another thing you can implement is to slow down the response time once the user has reached the limit.
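The two levels and three stop methods above, sketched as an added example (not code from the original thread). The class and parameter names, the fixed 60-second window, the warning text and the use of HTTP 429 as the error are assumptions chosen for illustration.

```python
import time
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class Decision:
    allowed: bool
    status: int            # HTTP status the API would return (assumed: 429 on reject)
    delay: float = 0.0     # seconds to hold the response (throttled stop)
    warning: str = ""      # notice for the consumer (soft stop)

class RateLimiter:
    """Fixed-window limiter: a per-IP limit plus an API-wide cap (hypothetical names)."""

    def __init__(self, per_ip, api_wide, window=60.0, mode="hard",
                 grace=0, delay=0.5, clock=time.monotonic):
        self.per_ip, self.api_wide, self.window = per_ip, api_wide, window
        self.mode, self.grace, self.delay, self.clock = mode, grace, delay, clock
        self.seen = defaultdict(int)   # requests seen per IP in this window
        self.served = 0                # requests served to all IPs in this window
        self.start = clock()

    def check(self, ip):
        now = self.clock()
        if now - self.start >= self.window:      # new window: reset counters
            self.seen.clear()
            self.served, self.start = 0, now
        self.seen[ip] += 1
        over = self.seen[ip] - self.per_ip       # > 0 once this IP passed its limit
        decision = Decision(True, 200)
        if over > 0:
            if self.mode == "soft" and over <= self.grace:
                decision.warning = "limit reached: consider a larger plan"
            elif self.mode == "throttle":
                decision.delay = self.delay      # still served, but slowed down
            else:                                # hard stop, or grace used up
                return Decision(False, 429)
        if self.served >= self.api_wide:         # API-level cap across all users
            return Decision(False, 429)
        self.served += 1                         # rejected calls never reach here
        return decision

def replay(limiter, ips):
    """Run constructed traffic through the limiter; return (status, delay, warned)."""
    return [(d.status, d.delay, bool(d.warning)) for d in map(limiter.check, ips)]
```

Rejected requests are counted against the offending IP but not against the API-wide budget, so one noisy client cannot use up the capacity meant for everyone else.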
With that being said, this is the end of this thread.
Let's discuss the most commonly heard terms in API development 👇🏻
- SDK
- RPC
- CORS
- Async API
- Internal API
- API Caching
- External API
- HTTP cookies
- Authorization
- Microservices
- OpenAPI spec
- Composite API
- API Versioning
- Authentication
Thread 🧵👇🏻
📌 SDK
SDK stands for Software Development Kit.
It is a set of development tools that allows the creation of software or an application for a particular platform.
An SDK provides you with the whole package, from compilers to debuggers to even a software development framework.
📌 RPC
Remote Procedure Call (RPC) is the oldest client-server communication method in use today. Instead of the traditional HTTP call, RPC uses a function call.
It means that on the client side, you invoke a function that is written in the server-side code.