Highlighted

Public and licensed APIs with ColdFusion API Manager

New Here ,
Sep 07, 2017

Copy link to clipboard

Copied

I am looking at the API manager to provide both public (as in free) and licensed (as in paid access) to our API's.  The difference is that the public API's would be throttled and the licensed accounts would have unlimited, or un-throttled, access.

In setting up and testing a public API, I set the authentication type to none (since existing users of our API do not currently specify something akin to an api_key).  I can access the API through the API manager (localhost:9100/......) but it does not throttle.  I have even set the UNLIMITED SLA to 1 request/minute but I still get unlimited access to the API from a browser.  However, if I use an authentication type of apiKey, and add an api_key to a query, I get throttled access even using the UNLIMITED SLA which is set to 1 request/minute.  So I know the SLA and hence throttling, work.  However, I cannot find a way to throttle public API's (those with an authentication type of 'none'). To complicate matters, I can only have TRY OUT and UNLIMITED SLA's if I have an authentication type of 'none' (hence my changing the requests for UNLIMITED) so I can't use a new SLA.

So.....

1. Can I even throttle APIs with an authentication type of 'none'?

2. Does anyone have any suggestions on how to implement this architecture (throttled public or free and un-throttled licensed or paid)?

Thank you in advance.

Views

116

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Public and licensed APIs with ColdFusion API Manager

New Here ,
Sep 07, 2017

Copy link to clipboard

Copied

I am looking at the API manager to provide both public (as in free) and licensed (as in paid access) to our API's.  The difference is that the public API's would be throttled and the licensed accounts would have unlimited, or un-throttled, access.

In setting up and testing a public API, I set the authentication type to none (since existing users of our API do not currently specify something akin to an api_key).  I can access the API through the API manager (localhost:9100/......) but it does not throttle.  I have even set the UNLIMITED SLA to 1 request/minute but I still get unlimited access to the API from a browser.  However, if I use an authentication type of apiKey, and add an api_key to a query, I get throttled access even using the UNLIMITED SLA which is set to 1 request/minute.  So I know the SLA and hence throttling, work.  However, I cannot find a way to throttle public API's (those with an authentication type of 'none'). To complicate matters, I can only have TRY OUT and UNLIMITED SLA's if I have an authentication type of 'none' (hence my changing the requests for UNLIMITED) so I can't use a new SLA.

So.....

1. Can I even throttle APIs with an authentication type of 'none'?

2. Does anyone have any suggestions on how to implement this architecture (throttled public or free and un-throttled licensed or paid)?

Thank you in advance.

Views

117

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Sep 07, 2017 0

Have something to add?

Join the conversation