AspNetCoreRateLimit icon indicating copy to clipboard operation
AspNetCoreRateLimit copied to clipboard

Published 20 hours ago verified publisher icon stefanprodan

[Question] RateLimiting on a MultiTenant Service

Open mohi41 opened this issue 3 years ago • 2 comments

Hi I have a multi-tenant service and I want to enforce different rules (and quotas) based on the [tenantId + ClientId]. Each tenant should have its own rules. Any suggestion?

mohi41 avatar Jan 15 '21 09:01 mohi41

@melmi I think you would need to create your own custom config class (inheriting from RateLimitConfiguration) and register it in your services. Also your own IClientResolveContributor implementation in order to resolve the client ID.

AntonyCorbett avatar Mar 04 '21 11:03 AntonyCorbett

This might be a useful resource in that case, assuming for example you are using OAuth client credentials flow, you can extract the tenant from the user claims:

https://blog.elmah.io/rate-limiting-api-requests-with-asp-net-core-and-aspnetcoreratelimit/

rebeccapowell avatar Jul 09 '21 13:07 rebeccapowell