Rate Limiting with Kong Gateway

Kong Gateway allows you to limit how many HTTP requests can be made in a given period.

Rate limits can be applied to a service or individual routes to protect the upstream API, or to a consumer to restrict how many times a user can call the API in the specified period.

Kong offers two standard HTTP rate limiting plugins: Rate Limiting or Rate Limiting Advanced plugins in addition to a series specialized AI, GraphQL and dynamic rate limiting plugins.

	Rate Limiting	Rate Limiting Advanced
Rate limit based on consumer, consumer-group, credential, ip and service
Basic Redis support
Redis Sentinel, Cluster + SSL support
Fixed window rate limits
Advanced rate limiting algorithms e.g. Leaky bucket, Sliding window
Enhanced window size configuration Configure custom intervals beyond standard options like second or minute.
Precise counter control Specify whether blocked requests count towards the rate limit calculation.

• Enable rate limiting for a consumer with Kong GatewayView →
• How to create rate limiting tiers with Kong GatewayView →
• Enable rate limiting on a service with Kong GatewayView →
• Multiple rate limits and window sizesView →