Cloud Endpoints の割り当てを使用して、アプリケーションが API を呼び出せるペース(レート)を制御できます。割り当てを設定することで、呼び出し元アプリケーションによる過剰な数のリクエストから API を保護するための使用制限を指定できます。過剰な数のリクエストは、単純な入力ミスや、不必要に API を呼び出す非効率的な設計のシステムが原因で発生する場合があります。こうした原因とは無関係に、API の全体的な正常性を維持するには、ソースからのトラフィックが一定のレベルに達した場合にトラフィックをブロックする必要があります。割り当てを設定することで、あるアプリケーションが、API を使用している他のアプリケーションに悪影響を与えないようにできます。
このページでは、割り当てによって実現できる主な機能の概要を示します。
リクエスト数とユーザー プロジェクトの関係
Endpoints で割り当てを構成すると、ユーザーの Google Cloud プロジェクトでの 1 分あたりのリクエスト数が追跡されます。API を呼び出す各アプリケーションは、次の条件を満たしている必要があります。
API キーを API に対する各リクエストで送信する。これにより、Endpoints は呼び出し元アプリケーションと関連付けられているGoogle Cloud プロジェクトを識別し、その Google Cloud プロジェクトに対するリクエストのカウンタをインクリメントできます。
API ユーザーにGoogle Cloud コンソールで独自のプロジェクトを作成させることも、管理者が API ユーザーのためにプロジェクトを作成することもできます。Endpoints ではプロジェクトごとに割り当てが適用されるため、API ユーザーごとに 1 つのプロジェクトが必要です。
1 分あたりのリクエスト数を制限する
割り当てを設定することで、API 全体または特定のメソッドに対する 1 分あたりのリクエスト数の上限を設定できます。構成した上限値をユーザー プロジェクトのクライアント コードが超えた場合、リクエストは API に到達する前に拒否され、「429 too many
requests」という HTTP ステータス コードが返されます。呼び出し元アプリケーションは、ステータス コード 429 を処理し、指数バックオフやその他の再試行ロジックを使用して、API の呼び出しレートを下げる必要があります。
1 つ以上の割り当てを設定する
名前付きの割り当てをいくつか設定し、割り当てごとに異なるレート制限を指定できます。たとえば、大量のリソースを必要とするメソッド(複雑なクエリを実行して大きな結果リストを返すメソッドなど)と、高速かつ軽量なメソッドが API 内に混在している場合があります。その場合は、レート制限の異なる 2 つの割り当てを設定し、一方の割り当てをリソース消費量の多いメソッドに、他方の割り当てを軽量メソッドに関連付けることができます。
[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-09-09 UTC。"],[[["\u003cp\u003eCloud Endpoints quotas allow you to control the rate at which applications can call your API, protecting it from excessive requests.\u003c/p\u003e\n"],["\u003cp\u003eQuotas are tracked per minute per consumer Google Cloud project, requiring each calling application to have a project, enable your API, and send an API key.\u003c/p\u003e\n"],["\u003cp\u003eYou can limit requests to your entire API or specific methods, with requests exceeding the limit receiving a \u003ccode\u003e429\u003c/code\u003e HTTP status code.\u003c/p\u003e\n"],["\u003cp\u003eEndpoints enforces quotas with an approximate 30% margin of error due to aggregation and batching at the proxy to reduce runtime request latency.\u003c/p\u003e\n"],["\u003cp\u003eYou can configure multiple named quotas with varying rate limits and costs, and you can also override the configured quota limit for a specific consumer project if needed.\u003c/p\u003e\n"]]],[],null,["# About quotas\n\nOpenAPI \\| [gRPC](/endpoints/docs/grpc/quotas-overview \"View this page for the Cloud Endpoints gRPC docs\")\n\n\u003cbr /\u003e\n\n|\n| **Beta**\n|\n|\n| This feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| Pre-GA features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\nCloud Endpoints provides quotas, which let you control the rate at which\napplications can call your API. Setting a quota lets you specify usage\nlimits to protect your API from an excessive number of requests from\ncalling applications. The excessive requests might have been caused\nby a simple typo or from an inefficiently designed system that makes needless\ncalls to your API. Regardless of the cause, blocking traffic from a\nsource once it reaches a certain level is necessary for the overall health of\nyour API. By setting a quota, you ensure that one application cannot negatively\nimpact other applications that use your API.\n\nThis page provides an overview of the key functionality provided by quotas.\n\nRequests are tied to the consumer project\n-----------------------------------------\n\nAfter you configure a quota, Endpoints tracks the number of\nrequests per minute per consumer Google Cloud project. Each\napplication that calls your API must:\n\n- Have a Google Cloud project.\n- Have [enabled your API](/endpoints/docs/openapi/control-api-callers) in their Google Cloud project.\n- Send an [API key](/endpoints/docs/openapi/restricting-api-access-with-api-keys) with each request to your API. This lets Endpoints identify the Google Cloud project that the calling application is associated with and to increment the request counter for the Google Cloud project.\n\nYou can either have your API consumers create their own projects in the\nGoogle Cloud console, or you can create the projects for them. Because\nEndpoints enforces quotas per *project*, you must have one\nproject for each API consumer.\n\nLimit the number of requests per minute\n---------------------------------------\n\nBy setting a quota, you can limit the number of requests per minute to your\nentire API or only to specific methods. If the client code from a consumer\nproject exceeds the limit that you have configured, the request is rejected\nbefore it gets to your API, and an HTTP status code of [`429 too many\nrequests`](https://tools.ietf.org/html/rfc6585#section-4) is returned. Calling\napplications will need to handle the `429` status code and use [exponential\nbackoff](https://wikipedia.org/wiki/Exponential_backoff) or some other retry\nlogic to decrease the rate of calls to your API.\n| **The enforced limit has 30% error margin.** Endpoints uses aggregation and batching at the proxy to reduce the runtime request latency. Instead of calling quota server to check available quota for each request, the proxy aggregates and batches the quota calls. As a result, the enforced quota limit is approximate, with a 30% margin of error. For example, if the expected limit is 100 requests per minute, the quota limit enforced could range from 70 requests per minutes to 130 requests per minute.\n\nConfigure one or more quotas\n----------------------------\n\nYou can configure one or more named quotas and specify a different rate limit\nfor each quota. For example, you could have some methods in your API that are\nresource-intensive (such as a method that runs a complex query and returns a\nlarge list of results), and other methods that are fast and lightweight. You\nmight want to configure two quotas with different rate limits, and associate the\nresource-intensive methods with one quota, and the lightweight methods with the\nother quota.\n\nConfigure a cost\n----------------\n\nWhen you associate a method with a quota, you always specify a cost for the\nrequest. This allows different methods to consume the same quota at different\nrates. You can use costs as an alternative to configuring different quotas.\nFor example, suppose you configure a quota with a limit of 1000 requests per\nminute. For the lightweight methods, you configure a cost of 1, which means\nclients can call the lightweight methods 1000 times per minute. For the\nresource-intensive methods, you configure a cost of 2, which means that each\ntime the client calls the method, the request counter is incremented by 2, until\nthe limit of 1000 is reached. In effect, this limits the resource-intensive\nmethods to 500 requests per minute.\n\nOverride the configured quota\n-----------------------------\n\nThe **Endpoints** \\\u003e **Services** page displays the quota configured for each\nmethod in your API. If needed, you can override the configured limit for a\nspecific consumer project. To set an override, you need to enter the project\nnumber of the consumer project on the **Endpoints** \\\u003e **Services** page. If you\ndon't have access to the consumer project that you want to override, you need to\ncontact someone who has access to obtain the project number.\n\nWhat's next\n-----------\n\n- [Configuring quotas](/endpoints/docs/openapi/quotas-configure)\n- [Overriding quotas](/endpoints/docs/openapi/quotas-override)"]]