User quota settings determine the maximum number of requests that API consumers can send to your APIs within a specific time period.
You set the user quota limit at the key collection level and apply the settings to all keys included in the collection. As long as an API key has a remaining quota, API consumers can use the key to access your endpoints and resources. When a key’s quota reaches its limit, edge servers stop forwarding the requests made with the key to your origin server. The key regains its full quota after either the scheduled automatic quota reset, or after a manual reset. For information on the manual quota reset for individual keys, see Reset key quota.
Staging and production environments have the same quota counters for API keys. This means that when you make test requests with an API key in the staging environment, you also increase the key’s quota counter in the production environment. To ensure that your activity in the staging environment does not influence the production quota, create and use separate API keys for testing purposes.
You can provide details about a key’s current quota status to the clients that send requests to your API. The details are passed via the quota limit response headers and include:
- The request limit per unit of time (X-RateLimit-Limit)
- The remaining number of allowed requests in the current time window (X-RateLimit-Remaining)
- The time of the next quota reset if the quota remains at the time of the request (X-RateLimit-Reset)
- The time of the next quota reset if the quota is full at the time of the request (X-RateLimit-Next)
At any time, you can change the collection-level quota settings, including allowed requests per time unit and headers, by editing the information included in the Quota settings section.