Kong ingress rate limit if user is not auth

Hi!

I would like to know if there is any way of customizing a Kong Ingress in a way that:

  • If the user is not authenticated, he should be able to access an API with the X rate limit.
  • If the user is authenticated, he should be able to access an API with the Y rate limit.

Until now I could attend both prerequisites separately, but I am struggling to attend both rules in the same ingress.

Thanks!

Did you try the anonymous consumer workaround?

You can create a consumer, assign its uuid to the anonymous field in the auth plugin.

And then create a special rate-limit plugin on the anonymous consumer, which will be used in case of unauthenticated requests.
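
The workaround described above, written out as Kong Ingress Controller manifests. This is an added example, not part of the original posts: `key-auth` as the auth plugin, all resource names, the `/api` path, the `api-svc` backend and the limits (10 and 100 per minute standing in for X and Y) are assumptions, and the UUID is a placeholder.

```yaml
# Limit X: scoped to the anonymous consumer, so it applies only when authentication fails.
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: rl-anonymous
plugin: rate-limiting
config:
  minute: 10        # constructed value for X
  policy: local
  limit_by: ip      # otherwise all unauthenticated clients share the anonymous consumer's counter
---
apiVersion: configuration.konghq.com/v1
kind: KongConsumer
metadata:
  name: anonymous
  annotations:
    kubernetes.io/ingress.class: kong
    konghq.com/plugins: rl-anonymous
username: anonymous
---
# Auth plugin: falls back to the anonymous consumer instead of rejecting the request.
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: key-auth-or-anonymous
plugin: key-auth
config:
  anonymous: "<ANONYMOUS_CONSUMER_UUID>"   # placeholder: uuid of the consumer above
---
# Limit Y: attached to the Ingress, counted per authenticated consumer (the default).
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: rl-authenticated
plugin: rate-limiting
config: {minute: 100, policy: local}       # constructed value for Y
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: api
  annotations:
    konghq.com/plugins: key-auth-or-anonymous, rl-authenticated
spec:
  ingressClassName: kong
  rules:
    - http:
        paths:
          - {path: /api, pathType: Prefix, backend: {service: {name: api-svc, port: {number: 80}}}}
```

Kong gives a consumer-scoped plugin precedence over a route-scoped plugin of the same type, so unauthenticated requests get `rl-anonymous` and every other consumer gets `rl-authenticated`. Because the auth plugin no longer rejects requests without credentials, any route that must stay closed to unauthenticated clients needs its own control, such as a `request-termination` plugin on the anonymous consumer.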