System Design Problem

Design an API Rate Limiter

Commonly Asked By:StripeGoogleAmazonMicrosoftUberLyft

  • Limit the number of requests a client can make to an API within a given time window
  • Support multiple rate limiting rules (e.g., per user, per IP, per API key, per endpoint)
  • Support configurable rules: X requests per Y seconds/minutes/hours
  • Return meaningful error responses (HTTP 429) with retry-after header when limit is exceeded
  • Support different tiers of rate limits (free, premium, enterprise)
  • Provide a way to whitelist certain clients (internal services)
  • Support both hard limits (reject) and soft limits (log warning, allow)
  • Dashboard to view rate limiting metrics and adjust rules in real-time
Loading...