| description |
|---|
This page provides the technical details of the GraphQL Rate Limit policy |
{% hint style="warning" %} This feature requires Gravitee's Enterprise Edition. {% endhint %}
The GraphQL Rate Limit policy provides basic rate limiting for GraphQL queries.
Unlike a traditional rate-limiting policy, where a weight of 1 is applied to every incoming request, the graphql-rate-limit policy calculates the cost of the GraphQL query and considers this cost to be the weight.
Functional and implementation information for the graphql-rate-limit policy is organized into the following sections:
{% hint style="warning" %} This policy can be applied to v2 APIs and v4 HTTP proxy APIs. It cannot be applied to v4 TCP proxy APIs or v4 message APIs. {% endhint %}
{% tabs %} {% tab title="HTTP proxy API example" %}
query { # + 1
allPeople(first:20) { # * 20 + 1
people { # + 1
name # + 1
vehicleConnection(first:10) { # * 10 + 1
vehicles { # + 1
id # + 1
name # + 1
cargoCapacity # + 1
}
}
}
}
}The total cost for the above GraphQL query is: ((((4 * 10 + 1) + 1) + 1) * 20 + 1) + 1 = 862 {% endtab %} {% endtabs %}
The phases checked below are supported by the graphql-rate-limit policy:
| v2 Phases | Compatible? | v4 Phases | Compatible? |
|---|---|---|---|
| onRequest | true | onRequest | true |
| onResponse | false | onResponse | false |
| onRequestContent | false | onMessageRequest | false |
| onResponseContent | false | onMessageResponse | false |
The graphql-rate-limit policy can be configured with the following options:
| Property | Required | Description | Type | Default |
|---|---|---|---|---|
| limit | true | Static limit on the number of GraphQL queries that can be sent. | integer | 0 |
| periodTime | true | Time duration | Integer | 1 |
| periodTimeUnit | true | Time unit ("SECONDS", "MINUTES" ) | String | SECONDS |
| maxCost | false | A defined maximum cost per query. 0 means unlimited. | integer | 0 |
The following is the compatibility matrix for APIM and the graphql-rate-limit policy:
| Plugin Version | Supported APIM versions |
|---|---|
| 1.0+ | 4.3+ |
| Phase | Code | Error template key | Description |
|---|---|---|---|
| * | 400 | GRAPHQL_RATE_LIMIT_REACH_MAX_COST | When the query reaches the max cost |
| * | 429 | GRAPHQL_RATE_LIMIT_TOO_MANY_REQUESTS | When too many requests have been made according to the rate limiting configuration |