I have been asked to evaluate kong as a possible api gateway solution specifically with regards to effective rate limiting. In our case, we would like to rate limit individual customers, identified as a claim in a JWT bearer token.
Is this kind of solution supported with one or more existing plugins or would we need to write one ourselves? I followed some links to enterprise documentation but didn’t find what I was looking for. I just need a pointer.
My question was a little more specific - will the plugins allow me to use any claim from the JWT authentication token as a basis for rate limiting? In our case the subject of the JWT is not the Consumer.
I’ll read up some more. Thanks again