Change theme
Help
Press space for more information.
Show links for this issue (Shortcut: i, l)
Copy issue ID
Previous Issue (Shortcut: k)
Next Issue (Shortcut: j)
Sign in to use full features.
Vote: I am impacted
Notification menu
Refresh (Shortcut: Shift+r)
Go home (Shortcut: u)
Pending code changes (auto-populated)
View issue level access limits(Press Alt + Right arrow for more information)
Request for new functionality
View staffing
Description
Please describe your requested enhancement. Good feature requests will solve common problems or enable new use cases.
What you would like to accomplish:
Rate limit requests on per tenant basis with custom basis with ability to inject that key from Authorisation context of incoming request.
How this might work:
In custom logic plugged to API gateway (e.g. custom authoriser) or ability to specify path to API key that could be latter on used for rate limiting on API gateway.
If applicable, reasons why alternative solutions are not sufficient:
Currently there is no way to achieve this with API Gateway when using a OAuth2 machine to machine auth.
Current API keys are bound to GCP project - which means that creating a key for a client forces you to create a new project just because you need a API key. More keys from the same project shares the same quotta in API gw.
Lastly it is an extra info that you rely that client will add to the request.
Other information (workarounds you have tried, documentation consulted, etc):
I would expect this as a standard feature of API Gateway an ability to manage a API keys