Hi Shashika,
On Fri, Aug 16, 2013 at 12:11 PM, Shashika Ubhayaratne <[email protected]>wrote: > Hi All, > > As per the current behaviour, API throtting works as follows: > > When API is created with tier = Bronze (Should allow 1 request per minute) > & Auth Type for GET = Application & Application User, > > If we send following requests within a minutes time > Request 1 with access token - Success > Request 2 with access token - Failed > Request 3 with user token - Success > Request 4 with user token - Failed > > Is this correct/ expected behavior? > Yes, a user is identified by the token that is sent. So in your test case above, Request 1 and Request 2 are made by two different users (since two tokens have been used). > > Or Else, Request 3 also should be failed since API level throttling set to > 1 and more than 1 requests should not allow. > Throttling limits applies per-user. Therefore Request 3 should be allowed. > > Please clarify? > > Thanks, > Shashika > Thanks, NuwanD. -- Nuwan Dias Senior Software Engineer - WSO2, Inc. http://wso2.com email : [email protected] Phone : +94 777 775 729
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
