Rate limiting is a way to control the amount of traffic that a web application or API receives, by limiting the number of requests that can be made in a given period of time.
The RateLimiterOptionsExtensions class provides the following extension methods for rate limiting:
Fixed window limit
lets you apply limits such as “60 requests per minute”. Every minute, 60 requests can be made. One every second, but also 60 in one go
Sliding window limit
is similar to the fixed window limit, but uses segments for more fine-grained limits. Think “60 requests per minute, with 1 request per second”
Token bucket limit
lets you control flow rate, and allows for bursts. Think “you are given 100 requests every minute”. If you make all of them over 10 seconds, you’ll have to wait for 1 minute before you are allowed more requests
Concurrency limit
is the simplest form of rate limiting. It doesn’t look at time, just at number of concurrent requests. “Allow 10 concurrent requests”
More details link https://blog.maartenballiauw.be/post/2022/09/26/aspnet-core-rate-limiting-middleware.html