So far, we haven't established any limits on the usage of our API, and therefore, both authenticated and unauthenticated users can compose and send as many requests as they want to. We only took advantage of the pagination features available in Django REST Framework to specify how we wanted large result sets to be split into individual pages of data. However, any user can compose and send thousands of requests to be processed without any kind of limitation.
Obviously, it is not a good idea to deploy such an API encapsulated in a microservice in a cloud platform. A wrong usage of the API by any user could cause the microservice to consume a huge amount of resources, and the cloud platform bills would reflect this situation.
We will use the throttling capabilities available in Django REST Framework to configure the following global limitations to the usage of our API, based on whether the requests come from unauthenticated or authenticated users. We...