API Keys and Traffic Management

The API Keys and Traffic Management application lets you create and manage API keys inside higher-level units called key collections. At the key collection level, you can limit the number of successful requests that individual API keys in the collection can make and you can edit access control lists (ACL) associated with your API endpoints and resources.

API key management

In API Keys and Traffic Management you group API keys into easily manageable collections. Inside a collection you can perform different operations on API keys that belong to the collection. For details, see Key collections.

Access and quota control

API Keys and Traffic Management allows you to configure two additional collection-level options that control the access and usage of your API by API consumers who identify with keys from a particular collection.

User quota
User quota settings determine the maximum number of requests that API consumers can send to your API within a specific time period. When the quota limit is reached, edge servers stop forwarding requests to your origin server. The traffic returns to normal after the quota reset.
Access control list
An ACL provides information about private endpoints and resources accessible to API consumers.

API throttling

You can throttle your API traffic to limit the number of requests allowed per second. This ensures that every API consumer can have a high-quality experience when interacting with your API and prevents API consumers from dominating the capacity of your back-end API infrastructure.