← All examples

API Rate Limiting

Access Control

Allow a request only if the account has not exceeded the monthly call limit for their plan.

Use this recipe

Policy rule

A **request** is allowed
  if §request.plan_limit is valid.

request.plan_limit. A **request** passes plan_check
  if the __api_calls_this_month__ of the **account** is less than the __monthly_limit__ of the **account**.

Input schema

{
  "properties": {
    "account": {
      "properties": {
        "api_calls_this_month": {
          "type": "number"
        },
        "monthly_limit": {
          "type": "number"
        }
      },
      "required": [
        "api_calls_this_month",
        "monthly_limit"
      ],
      "type": "object"
    }
  },
  "required": [
    "account"
  ],
  "title": "Account Model",
  "type": "object"
}

Test cases

Under limit

Expect pass
{
  "account": {
    "api_calls_this_month": 500,
    "monthly_limit": 10000
  }
}

Over limit

Expect fail
{
  "account": {
    "api_calls_this_month": 10500,
    "monthly_limit": 10000
  }
}

Integration

Execute this policy from your app using one of the official SDKs.

import { ExecutionClient } from "@policies2/sdk";

const client = new ExecutionClient({
	apiKey: process.env.POLICY_API_KEY!,
	transport: { kind: "rest", baseUrl: "https://api.policy2.net" },
});

const result = await client.executePolicy({
	id: "your-policy-id", // replace with your published policy ID
	reference: "base",
	data: {
		"account": {
			"api_calls_this_month": 500,
			"monthly_limit": 10000
		}
	},
});

if (result.result) {
	console.log("policy matched");
} else {
	console.log("policy did not match");
}

Ready to try this policy?

Open in editor