Design API rate limiting step by step.

API description: {{api_description}}
Expected traffic: {{traffic_patterns}}
Client types: {{client_types}}

Think through systematically:
1. PROTECTION GOALS: Prevent abuse, ensure fairness, or protect resources?
2. LIMIT TYPES: Per-user, per-IP, per-API-key, global?
3. RATE DIMENSIONS: Requests per second, minute, hour, or day?
4. ALGORITHM: Token bucket, sliding window, or fixed window?
5. TIER DIFFERENTIATION: Different limits for different user tiers?
6. ENDPOINT VARIATION: Different limits for different endpoints?
7. BURST HANDLING: Allow short bursts or strict enforcement?
8. RESPONSE HEADERS: What headers help clients self-throttle?
9. EXCEEDED BEHAVIOR: 429 response, queue, or degrade?
10. STORAGE: Where is rate limit state stored? Distributed?
11. MONITORING: What metrics track rate limit effectiveness?

API Rate Limiting Design
Design an API rate limiting strategy through systematic analysis.
Details
Category: Coding
Use Cases: Rate limiting design, API protection planning, Traffic management strategy
Works Best With: claude-opus-4.5, gpt-5.2, gemini-2.0-flash