[DX-1688, TT-13153] endpoint level rate limits

[jeffy-mathew]

User description

For internal users - Please add a Jira DX PR ticket to the subject!

---

Preview Link

https://deploy-preview-5409--tyk-docs.netlify.app/docs/nightly/getting-started/key-concepts/rate-limiting/
https://deploy-preview-5409--tyk-docs.netlify.app/docs/nightly/basic-config-and-security/control-limit-traffic/rate-limiting/

Description

Screenshots (if appropriate)

Checklist

• I have added a preview link to the PR description.
• I have reviewed the suggestions made by our AI (PR Agent) and updated them accordingly (spelling errors, rephrasing, etc.)
• I have reviewed the guidelines for contributing to this repository.
• I have read the technical guidelines for contributing to this repository.
• Make sure you have started your change off our latest master.
• I labeled the PR

---

PR Type

documentation

---

Description

• Added comprehensive documentation for configuring key-level per-endpoint rate limits in Tyk Dashboard.
• Introduced the concept of key-level per-endpoint rate limits in the key concepts section.
• Updated the guidance on selecting appropriate rate limiting levels based on user needs.
• Revised the order of assessment when multiple rate limits are configured to include per-endpoint limits.

---

Changes walkthrough 📝

Relevant files

Documentation

rate-limiting.md Add documentation for key-level per-endpoint rate limits  tyk-docs/content/basic-config-and-security/control-limit-traffic/rate-limiting.md Added section on setting up key-level per-endpoint rate limits. Provided detailed steps for configuring endpoint-level rate limits in Tyk Dashboard. Included notes on assumptions for endpoint-level rate limits. +21/-0    rate-limiting.md Update key concepts with per-endpoint rate limiting            tyk-docs/content/getting-started/key-concepts/rate-limiting.md Introduced key-level per-endpoint limit concept. Updated guidance on choosing rate limiting levels. Revised order of assessment for multiple rate limits. +3/-0

---

💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

[netlify]

✅ PS. Pls add /docs/nightly to the end of url

Name	Link
🔨 Latest commit	8ad7729
🔍 Latest deploy log	https://app.netlify.com/sites/tyk-docs/deploys/66f6b7f719766b0008a10275
😎 Deploy Preview	https://deploy-preview-5409--tyk-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[andyo-tyk]

Some minor suggestions

[github-actions]

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ No key issues to review

[github-actions]

PR Code Suggestions ✨

Category	Suggestion	Score
Possible issue	Correct a typo in the documentation Correct the typo in the word "endpont" to "endpoint" to maintain the professionalism and accuracy of the documentation. tyk-docs/content/basic-config-and-security/control-limit-traffic/rate-limiting.md [80] -if a policy grants access to an API endpoint with `rate=5 per=60` then three clients using keys generated from that policy will each independently be able to make 5 requests in any 60 second period to that particular endpont of the API before receiving the `HTTP 429 Too Many Requests` error. +if a policy grants access to an API endpoint with `rate=5 per=60` then three clients using keys generated from that policy will each independently be able to make 5 requests in any 60 second period to that particular endpoint of the API before receiving the `HTTP 429 Too Many Requests` error. Suggestion importance[1-10]: 9 Why: The suggestion correctly identifies and fixes a typo, improving the professionalism and accuracy of the documentation.	9
Enhancement	Clarify the reference to a specific middleware in the documentation Replace the ambiguous phrase "the [ignore authentication]" with a more specific reference to avoid confusion, such as "the 'Ignore Authentication' middleware". tyk-docs/content/basic-config-and-security/control-limit-traffic/rate-limiting.md [87] -- the [ignore authentication]({{< ref "product-stack/tyk-gateway/middleware/ignore-middleware" >}}) middleware is not turned enabled for these endpoints +- the 'Ignore Authentication' middleware is not enabled for these endpoints Suggestion importance[1-10]: 8 Why: The suggestion improves clarity by specifying the middleware name, reducing potential confusion for readers.	8
	Improve clarity of instructions by specifying UI elements Clarify the instruction by specifying the UI element to interact with, such as "click on the 'Add Rate Limit' button". tyk-docs/content/basic-config-and-security/control-limit-traffic/rate-limiting.md [95] -Under **API Access** -> **Set endpoint-level usage limits** click on **Add Rate Limit** to configure the rate limit. +Under **API Access** -> **Set endpoint-level usage limits**, click on the 'Add Rate Limit' button to configure the rate limit. Suggestion importance[1-10]: 7 Why: The suggestion enhances the clarity of the instructions by specifying the UI element, making it easier for users to follow.	7
Best practice	Standardize terminology in the documentation Ensure consistency in terminology by replacing "Save/Update" with a consistent term, such as "Save Changes". tyk-docs/content/basic-config-and-security/control-limit-traffic/rate-limiting.md [96] -4. **Save/Update** the policy +4. **Save Changes** to the policy Suggestion importance[1-10]: 6 Why: The suggestion promotes consistency in terminology, which is a good practice for maintaining clear and professional documentation.	6

[andyo-tyk]

LGTM, thanks.

[letzya]

@jeffy-mathew @andyo-tyk going forward, please check the PR Code Suggestions bot. It found a typo etc.

[letzya]

Maybe a couple of suggestions + check my slack message @jeffy-mathew

[letzya]

@jeffy-mathew we also have API-level per-endpoint rate limit