Rate Limit

This interceptor defines the maximum amount of requests that are allowed in a given time span (which can be a second, minute, hour, day or month) and it may be entered in the API flow or directly in the flow of a plan.

In the case of an API, the interceptor can be inserted at the level of the API as a whole, of a resource or of an operation. In all these cases, each request will increment the total rate regardless of the caller, and respecting the interval defined. If it is added to the flow of a Plan, it will increase the specific rate of the caller (app or access token). In both cases, a new header showing the number of requests remaining may be added.

It’s easy to confuse this interceptor with another one that controls traffic, Spike Arrest. Because of this, we’ve included a more thorough description of each of them, their differences and configuration examples here.


The interceptor can be inserted only in the request flow. To set it up, we have to fill in some properties, as shown below.

rate limit

The fields Calls and Interval are required, stating the total number of accepted calls in a given time period.

It is possible to configure a percentage of additional calls to be accepted. To do this, check the Soft Limit option and add the desired value in the % field.

In the example above, we are configuring a limit of 300 calls per minute, with an additional 30% being accepted. I.e., 90 extra requests may be made.

If the Soft Limit option is checked, the % field is required. Otherwise, the Rate Limit will operate normally with the quota amount configured in the Calls field.

To have a parameter with the number of remaining calls be sent in the response header, check the option Return quota header.

Thanks for your feedback!

Share your suggestions with us!
Click here and then [+ Submit idea]