Open PortfolioOpen Portfolio.
โ† Back to Blog

How to Implement API Throttling

May 23, 2026at 2:00 PM UTCBy Pocket Portfolio TeamTechnology
How to Implement API Throttling
#api#throttling#rate limiting#backend

API throttling is a critical aspect of managing traffic in any scalable API-based application. It prevents abuse by limiting the number of requests made to an API within a specified timeframe, ensuring fair use and optimizing server resource usage.

Problem

Without API throttling, a service can become overwhelmed by too many requests, leading to poor performance or downtime. This can be due to intentional abuse or an unexpected spike in legitimate traffic. Implementing throttling helps maintain service quality and availability.

Solution with Code

A common way to implement API throttling is by using an in-memory data store like Redis to track request counts. Here's a basic implementation using Node.js and Express:

  1. Install Dependencies

    First, ensure you have Node.js and Redis installed. You will also need the express and ioredis packages:

    npm install express ioredis

  2. Set Up Express and Redis

    Create an index.js file and set up Express with Redis:

    const express = require('express');
const Redis = require('ioredis');

const app = express();
const redis = new Redis();

const PORT = process.env.PORT || 3000;

  3. Implement Throttling Middleware

    Add middleware to check and update request counts:

    const rateLimit = (req, res, next) => {
  const ip = req.ip;
  const timeWindow = 60; // time window in seconds
  const maxRequests = 100; // max requests per window

  redis.multi()
    .set([ip, 0, 'EX', timeWindow, 'NX'])
    .incr(ip)
    .exec((err, replies) => {
      if (err) return res.status(500).send('Server Error');
      const requestCount = replies[1][1];

      if (requestCount > maxRequests) {
        res.status(429).send('Too many requests. Please try again later.');
      } else {
        next();
      }
    });
};

app.use(rateLimit);

  4. Run Your Server

    Lastly, add a simple endpoint and start your server:

    app.get('/', (req, res) => {
  res.send('Welcome to the API.');
});

app.listen(PORT, () => {
  console.log(`Server running on port ${PORT}`);
});

Key Concepts

  • Rate Limiting: This involves setting a threshold for the number of API calls allowed within a certain timeframe. Once the limit is reached, further requests are rejected until the window resets.

  • Redis Usage: Redis is used here to store and check the count of requests per client IP. It supports operations like incrementing counts and setting expiration times efficiently.

  • Middleware: The rate-limiting logic is encapsulated in middleware, making it easy to apply to any endpoint in the Express application.

By implementing API throttling, you can significantly improve your service's resilience and maintain performance, even under high load conditions.

How to Implement API Throttling | Open Portfolio Blog | Open Portfolio