Skip to content

How to rate limit based on client id from token? #2008

Answered by MSchmack
sachinjagdale asked this question in Q&A
Discussion options

You must be logged in to vote

Solution that seems to work for me is to add a ClientRateLimitMiddleware with modified Setidentity.

The middleware is roughly described here: https://github.com/ThreeMammals/Ocelot/tree/develop/src/Ocelot/RateLimit/Middleware
The user context value will vary depending on your auth provider.

        public virtual ClientRequestIdentity SetIdentity(HttpContext httpContext, RateLimitOptions option)
        {
            var clientId = "client";
            if (httpContext.Request.Headers.Keys.Contains("Authorization"))
            {
                clientId = httpContext.User.FindFirst("user_id").Value;
            }

            return new ClientRequestIdentity(
                clientId,

Replies: 1 comment

Comment options

You must be logged in to vote
0 replies
Answer selected by raman-m
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
Rate Limiting Ocelot feature: Rate Limiting Authorization Ocelot feature: Authorization
2 participants
Converted from issue

This discussion was converted from issue #1176 on March 23, 2024 14:54.