WSO2 APIM | API key generation with new subscription tier
Hello WSO2 folks!
In this blog, I am going to share a use case where I've to generate new API Key In WSO2 API Manager with a new subscription tier.
Environment
WSO2 API Manager v3.2.0.x
Use Case
There was an API subscribed with an application with subscription tier 10 Request/Minute i.e. the default one and the API consumer was using the same with API Key. The API consumer was not provided the dev portal access and shared the API Key over the email.
After some time, the API consumer has reported that sometimes they are getting HTTP 429 Too Many Requests Error and API call is failed. This issue was intermittently reported by the API consumer.
Analysis
We have done further investigation and found that they have provisioned a batch process that also calls the same API with 8 Request/Sec i.e. 480 Request/Minute. So we have created a custom rate-limiting policy with 1000 Request/Minute and attached it to the same application. However, the issue remains the same.
The Solution
We have then checked the API Key shared with the consumer was still having the same rate-limiting policy i.e. 10Req/Min (via jwt.io debugger) and hence the changes done in Devportal aren't getting applied correctly while making the API calls.
To overcome this situation, we have re-generated the API Key while a new subscription was attached to the application. Then we verified the APIKey via JWT debugger and found this time the policy was correctly applied. Below are the steps-
1. New Subscription Policy Creation
- Go to the admin console via http://host:port/admin
- Navigate to Application Policies > Add New Policy
- Add Policy Details and save it
2. Subscribe Application with New Subscription Policy
- Go to developer portal > Applications
- Select application and edit
- Change the Subscription Tier > Per Token Quota to the new tier
- Save it
3. Generate API Key
Now our application has been updated with a new throttling tier. Let's generate API Key for APIs access-
- Go to Devportal
- Navigate to Applications
- Select API Key
- Generate Key
- Save the Key
The revised API Key was then shared with the API consumer and then after the issue was not replicated for all API requests <1000 Req/Min.
I appreciate you taking the time and effort to share your knowledge. This material proved to be really efficient and beneficial to me. Thank you very much for providing this information. Continue to write your blog.
ReplyDeleteData Engineering Services
Machine Learning Services
Data Analytics Services
Data Modernization Services
This comment has been removed by a blog administrator.
ReplyDeleteGood information on API key generation
ReplyDeleteAlso check Custom API integration services