Skip to content

The Rate Limiting Advanced plugin documentation could use some extra details around types of identifiers #4156

Open
@d19dotca

Description

@d19dotca

Where is the problem?

https://docs.konghq.com/hub/kong-inc/rate-limiting-advanced/#parameters

What happened?

A support case was opened asking for clarification on how 'header' and 'credential' identifier types are handled in the Rate Limiting plugins, as our documentation doesn't quite make that clear at this time. Their specific questions are below for context:

1. If we set "config.limit_by = header" and "config.header_name = x-rate-limit-header", and two requests arrive with "x-rate-limit-header = one" and "x-rate-limit-header = two" respectively, will the two requests be aggregated into different counters? In other words, do different header values identify different counters?
2. If we set "config.limit_by = credential", what happens? There's no explanation whatsoever of what credential refers to, nor what the expected behavior is.

What did you expect to happen?

I think these questions from one of our customers brings up a good use-case to improving our documentation on the Rate Limiting plugins with regards to how the different identifiers work exactly (especially the ones without a related sub-parameter).

FWIW (and someone else may have a better explanation than mine), I believe those two identifiers in particular can be explained in a manner similar to this:

  • 'credential' type is handled automatically (no sub-parameter involved) and incremented on each set of credentials seen in any Auth-related plugin (i.e. OIDC, LDAP, Key-Auth, etc)
  • 'header' type requires the use of the 'header_name' parameter, and it increments on the keypair of header name and header value. If a header name is used but seen with multiple different values, they only increment as one until a matching keypair has been seen.

Code of Conduct and Community Expectations

  • I agree to follow this project's Code of Conduct
  • I agree to abide by the Community Expectations

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions