When you configure a rate limit policy for an API, you define the policy by rate limit tiers.
A tier is a logical entity that determines the number of times that users can invoke the API during a designated time period. Different rate limit tiers prevent users from exploiting the system resources. You can create up to six tiers. Users can only use one tier for each invocation of an API.
Assign the following rate limit tiers to APIs that use API-specific rate limit policies:
A general API-specific rate limit tier that applies to all the consumers of the API. It affects all the users in your organization, except the users you assign a user-specific rate limit to. You can allocate the rate limit tier to all the users in your organization, or allocate it per user.
When you allocate the general tier to all users, the number of calls per time frame defined in the tier is divided between all users. When you allocate the tier per user, each user can make the defined number of calls within the defined time frame.
User-specific rate limit tiers. Each tier applies to the user that you assign the tier to.
You can also change the default organizational rate limit tier that you assign to all the managed APIs in the organization. For more information about organizational policies, see
Organizational access policies.