Skip to main content

Parameters

See plugin common configurations for configuration options available to all plugins.

This plugin supports referencing parameter values from environment variables using the env:// prefix, or from a secret manager, such as HashiCorp Vault’s KV secrets engine, using the secret:// prefix. For more information, see environment variables in plugin and secrets.

  • count

    integer

    required

    vaild vaule:

    greater than 0

    The maximum number of requests allowed within a given time interval.

  • time_window

    integer

    required

    vaild vaule:

    greater than 0

    The time interval corresponding to the rate limiting count in seconds.

  • key_type

    string

    default: var

    vaild vaule:

    var, var_combination, or constant

    The type of key.

    If the key_type is var, the key is interpreted a variable.

    If the key_type is var_combination, the key is interpreted as a combination of variables.

    If the key_type is constant, the key is interpreted as a constant.

  • key

    string

    default: remote_addr

    The key to count requests by.

    If the key_type is var, the key is interpreted a variable. The variable does not need to be prefixed by a dollar sign ($). See built-in variables for avaialble variables.

    If the key_type is var_combination, the key is interpreted as a combination of variables. All variables should be prefixed by dollar signs ($). For example, to configure the key to use a combination of two request headers custom-a and custom-b, the key should be configured as $http_custom_a $http_custom_b.

    If the key_type is constant, the key is interpreted as a constant value.

  • rejected_code

    integer

    default: 503

    vaild vaule:

    between 200 and 599 inclusive

    The HTTP status code returned when a request is rejected for exceeding the threshold.

  • rejected_msg

    string

    vaild vaule:

    any non-empty string

    The response body returned when a request is rejected for exceeding the threshold.

  • policy

    string

    default: local

    vaild vaule:

    local, redis, or redis-cluster

    The policy for rate limiting counter. If it is local, the counter is stored in memory locally. If it is redis, the counter is stored on a Redis instance. If it is redis-cluster, the counter is stored in a Redis cluster.

  • allow_degradation

    boolean

    default: false

    If true, allow APISIX to continue handling requests without the plugin when the plugin or its dependencies become unavailable.

  • show_limit_quota_header

    boolean

    default: true

    If true, include X-RateLimit-Limit to show the total quota and X-RateLimit-Remaining to show the remaining quota in the response header.

  • group

    string

    vaild vaule:

    non-empty

    The group ID for the plugin, such that routes of the same group can share the same rate limiting counter.

  • redis_host

    string

    The address of the Redis node. Required when policy is redis.

  • redis_port

    integer

    default: 6379

    vaild vaule:

    greater than or equal to 1

    The port of the Redis node when policy is redis.

  • redis_username

    string

    The username for Redis if Redis ACL is used. If you use the legacy authentication method requirepass, configure only the redis_password. Used when policy is redis.

  • redis_password

    string

    default: 6379

    The password of the Redis node when policy is redis or redis-cluster.

  • redis_database

    integer

    default: 0

    vaild vaule:

    greater than or equal to 0

    The database number in Redis when policy is redis.

  • redis_ssl

    boolean

    default: false

    If true, use SSL to connect to Redis cluster when policy is redis.

  • redis_ssl_verify

    boolean

    default: false

    If true, verify the server SSL certificate when policy is redis.

  • redis_timeout

    integer

    default: 1000

    vaild vaule:

    greater than or equal to 1

    The Redis timeout value in milliseconds when policy is redis or redis-cluster.

  • redis_cluster_nodes

    array[string]

    The list of the Redis cluster nodes with at least two addresses. Required when policy is redis-cluster.

  • redis_cluster_name

    string

    The name of the Redis cluster. Required when policy is redis-cluster.

  • redis_cluster_ssl

    boolean

    default: false

    If true, use SSL to connect to Redis cluster when policy is redis-cluster.

  • redis_cluster_ssl_verify

    boolean

    default: false

    If true, verify the server SSL certificate when policy is redis-cluster.

  • sync_interval

    number

    default: -1

    vaild vaule:

    greater than or equal to 0.1, or the default -1

    The frequency of synchronizing counter data to Redis. Available only in Enterprise.

    The sync_interval value should be smaller than time_window. A value of 1 results in synchronizing counter data every second. A value of -1 yields no change in synchronizing behaviour, i.e. counter data will be synchronized for each request.

API7.ai Logo

The digital world is connected by APIs,
API7.ai exists to make APIs more efficient, reliable, and secure.

Sign up for API7 newsletter

Product

API7 Gateway
API7 AI Gateway
API7 API Portal

Learn

API Gateway Guide
Plugin Hub
API Gateway Comparison
Customers

Resources

API Gateway Docs
Blog
Demo Hub
APISIX vs Kong

Company

About
Contact
Compliance Standards
Partners
Terms & Privacy
SOC2 Type IIISO 27001HIPAAGDPRRed Herring

Copyright © APISEVEN PTE. LTD 2019 – 2025. Apache, Apache APISIX, APISIX, and associated open source project names are trademarks of the Apache Software Foundation