Azure API Management Throttling Policy optimization guide as Expected with Custom Rate Limit
I'm currently implementing an API Management instance on Azure to expose my backend services. I set up a throttling policy to limit requests to 100 requests per minute per client IP. However, it's not behaving as expected. Even after reaching the limit, some clients can still send requests through without any throttling being applied. Here's the policy configuration I have in place: ```xml <policies> <inbound> <rate-limit calls="100" renewal-period="60" /> </inbound> <backend> <forward-request /> </backend> <outbound> <set-header name="X-RateLimit-Limit" exists-action="override"> <value>100</value> </set-header> </outbound> </policies> ``` I've tested this with multiple clients from different IP addresses, but it seems that some clients are still able to send requests without hitting the rate limit. The Azure API Management instance is set up with a standard tier, and I'm using the latest version as of October 2023. I also tried adding a `<deny>` policy to explicitly block requests once the rate limit is reached, but that didn't resolve the scenario either. The only logs I can see do not indicate that the requests are being throttled. Have I configured the rate-limiting policy correctly, or is there something else I might be missing? Any insights would be greatly appreciated!