You can configure and assign rate limit policy, JSON web token authentication, and IP filtering policy to API groups.
Rate limit configuration for API groups
You can associate a rate limit policy with any operation in an API group.
1On the API Groups page, select the API Groups tab.
2Click the Actions menu on the row of the API group and select Edit API Group.
3On the Policies tab, click Rate Limit.
4Select a rate limit for the managed API group. The organization level rate limit policy is applied to the managed API group by default.
5Optionally, add user-level rate limit.
6Click Save.
IP filtering rules configuration for API groups
Create an IP filtering policy at the managed API group level.
1On the API Groups page, select the API Groups tab.
2Click the Actions menu on the row of the API group and select Edit API Group.
3On the Policies tab, click IP Filtering Rules > Add IP Filtering Rule..
4Select to allow or deny a range of addresses, and then fill in the IP range.
5Optionally, enter a description of the rule. Add additional rules as required to define the policy.
6Click Save.
JWT Access Token configuration for API groups
Enabling the API-level JSON web token authentication while creating an API group overrides all the operation-level authentications. You can't change the authentication type while creating a managed API group. After you activate the managed API with API-level JSON web token authentication, you can't remove the JSON web token authentication from that particular API group.
For more information about API policies, see API Policies.