APIs allow you to share your application data with other developers (both internal and external) as well as other apps. As businesses continue to accelerate their API strategies, you as the application manager/owner have to make sure that your application is always secure and high-performing. Well-designed APIs that allow you to throttle API requests are what you need for better security and throughput.
API throttling allows you to control the way an API is used. Throttling allows you to set permissions as to whether certain API calls are valid or not. Throttles indicate a temporary state, and are used to control the data that clients can access through an API. When a throttle is triggered, you can disconnect a user or just reduce the response rate. You can define a throttle at the application, API or user level.
As a developer, you have control over what applications and which users can use your APIs. Just like permissions, a combination of multiple throttles may be used on a single request. You can even have multiple levels of throttling based on the user. For example, you can restrict sensitive information from external developers, while giving access to the same for internal developers.
Enterprises custom throttle their APIs based on the needs of their organization such as monetization, authentication, security, governance, performance, availability, etc. Here are some general throttling strategies adopted by the industry today to help you decide what your API needs:
Throttling your API is an extremely sensitive process and it can have a huge impact on customer satisfaction, application performance and security. For that reason, I recommend you use our commercial enterprise solutions that have inherent support for throttling:
As both these products are extremely unique and powerful, I highly recommend that you discuss your throttling needs with our product experts. Happy throttling!
Nishanth Kadiyala is a Technical Marketing Manager at Progress. He got his B.Tech degree from IIT Guwahati and his MBA from UNC Chapel Hill. He has worked on several technologies including database designing, SQL querying and Cloud Computing in the past. Currently, he is committed to educating enterprises about standards based connectivity via ODBC, JDBC, ADO.NET and OData. He is also proficient with DataDirect Hybrid Connectivity Services – DataDirect Cloud and Hybrid Data Pipeline. You can stay in touch with him through Twitter.
Copyright © 2018 Progress Software Corporation and/or its subsidiaries or affiliates.
All Rights Reserved.
Progress, Telerik, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.