Consume APIs On Behalf of Your Clients
When operating as a company that consumes APIs on behalf of your clients (CoBo company), managing API consumption becomes a critical challenge, especially with unpredictable API rate limits. These limits are dictated by how frequently users trigger API engines, creating dynamic consumption rates across different clients. This variation requires sophisticated quota management to ensure efficient resource allocation and prevent exceeding limits.
The Challenges of API Consumption on Behalf of Clientsโ
For companies that manage API consumption for their clients, handling API rate limits, quota management, and ensuring smooth service delivery are critical. You may have several customers consuming the same API, and each customer can have different usage patterns. Managing this consumption efficiently, ensuring none of your clientsโ quotas are exceeded, and prioritizing API traffic appropriately can become a complex task.
How Lunar.dev Helpsโ
Lunar.dev offers an efficient and flexible solution for managing these issues. By routing your traffic through the Lunar API Consumption Gateway, you can dynamically adjust quotas, optimize API usage, and provide full visibility into consumption patterns. Hereโs how to solve these challenges with Lunar.dev:
Lunar.dev Installationโ
Step 1: Sign Up for Lunar.dev
Start by creating a Lunar.dev account here. After signing up, you'll be directed to the Lunar Control Plane where you can manage and monitor your API consumption. Follow the installation steps to set up the Lunar API Consumption Gateway.
Step 2: Install the API Consumption Gateway
Install the Lunar API Consumption Gateway through Docker or Kubernetes based on your environment. Detailed installation instructions can be found on the API Consumption Gateway Installation page.
Step 3: Route Your API Traffic
Route your API traffic using Direct Mode by modifying HTTP requests to include specific headers, or use Interceptor Mode to capture and route outgoing traffic automatically. More details can be found on the Route Your API Traffic page.
Manage & Controlโ
Step 1: Configure Relevant API Quotas
First, you need to define quotas for managing API consumption at both the company and individual user levels. Create a quota.yaml
file to set limits based on the traffic to api.com/*
.
- Set a quota for the company:
- Define an overall quota for a company using a custom header (
x-lunar-api-company
). - Limit API requests to
api.com/search/*
to 12 requests per minute.
- Define an overall quota for a company using a custom header (
- Set an internal limit for individual users:
- Group API usage by individual users via the
x-lunar-api-user
header. - Set a limit of 1000 requests per minute for all API calls to
api.com/*
.
- Group API usage by individual users via the
quotas:
- id: LimiterMinuteCompany
filter:
url: api.com/search/*
strategy:
fixed_window:
max: 12
interval: 1
interval_unit: minute
group_by_header: x-lunar-api-company
internal_limits:
- id: LimiterMinuteUser
parent_id: LimiterMinuteCompany
filter:
url: api.com/*
headers:
- key: x-lunar-api-user
value: any
strategy:
fixed_window:
max: 1000
interval: 1
interval_unit: minute
Step 2: Apply Rate Limiting Flow
Next, define a flow that applies rate limiting for requests made to api.com/*
. If the rate limit is exceeded, the system responds with a 429 Too Many Requests
status.
- Apply rate limiting based on user quotas:
- Use the
LimiterMinuteUser
quota defined earlier to ensure individual users do not exceed their limit.
- Use the
- Generate a response when the limit is exceeded:
- If the rate limit is breached, generate a
429 Too Many Requests
response.
- If the rate limit is breached, generate a
name: RateLimiter
filter:
url: api.com/*
headers:
- key: x-lunar-api-user
value: any
processors:
LimiterBoxUser:
processor: Limiter
parameters:
- key: quota_id
value: LimiterMinuteUser
GenerateResponseTooManyRequests:
processor: GenerateResponse
parameters:
- key: status
value: 429
- key: body
value: "Quota Exceeded. Please try again later."
- key: Content-Type
value: text/plain
flow:
request:
- from:
stream:
name: globalStream
at: start
to:
processor:
name: LimiterBoxUser
- from:
processor:
name: LimiterBoxUser
condition: above_limit
to:
processor:
name: GenerateResponseTooManyRequests
- from:
processor:
name: LimiterBoxUser
condition: below_limit
to:
stream:
name: globalStream
at: end
response:
- from:
processor:
name: GenerateResponseTooManyRequests
to:
stream:
name: globalStream
at: end
Step 3: Setup a Queue
For high-traffic endpoints, such as api.com/search/*
, implement a queuing mechanism to manage requests and prioritize traffic based on the company making the request.
- Queue requests:
- Manage requests to the
/search/*
endpoint using a queue. - Limit the queue size to 100 and set the TTL (time-to-live) for queued requests to 60 seconds.
- Manage requests to the
- Prioritize requests:
- Assign priority to requests based on the
x-lunar-api-company
header, giving companies like Google higher priority over Microsoft.
- Assign priority to requests based on the
- Generate a response if the queue is full:
- Return a
429 Too Many Requests
response if the queue is full and cannot process more requests.
- Return a
name: SearchQueueManager
filter:
url: api.com/search/*
processors:
QueueLimiterSearch:
processor: Queue
parameters:
- key: quota_id
value: LimiterMinuteCompany
- key: ttl_seconds
value: 60
- key: queue_size
value: 100
- key: priority_group_by_header
value: x-lunar-api-company
- key: priority_groups
value:
Google: 1
Microsoft: 2
GenerateResponseTooManyRequests:
processor: GenerateResponse
parameters:
- key: status
value: 429
- key: body
value: "Quota Exceeded. Please try again later."
- key: Content-Type
value: text/plain
flow:
request:
- from:
stream:
name: globalStream
at: start
to:
processor:
name: QueueLimiterSearch
- from:
processor:
name: QueueLimiterSearch
condition: blocked
to:
processor:
name: GenerateResponseTooManyRequests
- from:
processor:
name: QueueLimiterSearch
condition: allowed
to:
stream:
name: globalStream
at: end
response:
- from:
processor:
name: GenerateResponseTooManyRequests
to:
stream:
name: globalStream
at: end
By following these steps, you can efficiently manage API consumption on behalf of your clients using Lunar.devโs powerful quota management and flow configurations. These steps allow you to implement rate limiting and queuing mechanisms that ensure fair usage of API resources, prevent rate limit violations, and provide a seamless experience for your clients.