Hey friends, How are you all?
Today, I am going to share how we can implement Rate Limit Policies and Counter by Client IP Address.
So, let's understand the problem first:
PROBLEM:
- We need to implement Rate Limit Policy by Client IP Address on Azure API Management. I followed this article first of all and found that I can use the following piece of code.
-
There was a second problem for me as the requests were coming through cloudflare and hence the client IP address was not available in context.Request.IpAddress
SOLUTION:
-
I was getting IPAddress as 0.0.0.0 in the app insights which is right as per GDPR, I used this link to confirm the client IP address in the pre-prod environments in App Insights.
-
I found that CloudFlare exposes the Client IP Address in the X-Forwarded-For or True-Client-IP Header to expose the client IP Address. Check out the details here.
-
I followed this link to strengethen my understanding on how to use Policy Expressions
-
The final piece: Ultimately, I used the following piece to counter by Client IP Address
Notice, the code in the counter-key, it is prettymuch C# in the razor block. For a single line statement, you can use @(
) and for multi-line statements, you can use
Happy Coding!!!