How to setup rules for each API key

Hi,

i want somehow set up rules how many calls a specific user with a API Key can do each minute. (for exampel are allowed to place 10 calls per minute for a specific service).

Also rules which services they are allowed to call and so on.
I use my own database table for storing the key and the key are sent by the header as x-api-key.
Is there any built in option for setting up rules ?

Thyx!

Sounds like you’re using your own Custom API Key implementation? There’s nothing built in the framework that’s specific to API throttling, you’d need to implement the logic yourself inside a Request Filter / Filter attribute, etc.

Here are a few examples that may help decide on your implementation: