Policies
A Policy defines rate limits and long-term quotas for a Client. Attach a policy to prevent abuse, enforce fair use, and meet SLA requirements.
Rate limit vs Quota
Zerq supports two tiers of limiting:
| Type | Purpose | Example |
|---|---|---|
| Rate limit | Short-term throttling — prevent bursts | 100 requests per minute |
| Quota | Long-term cap — enforce monthly billing limits | 50,000 requests per month |
Both can be configured independently. A client hitting either limit receives:
HTTP/1.1 429 Too Many Requests
Content-Type: application/json
{
"error": "rate_limit_exceeded",
"message": "You have exceeded your request rate limit. Please try again later."
}
Creating a Policy
- Go to Policies in the sidebar
- Click New Policy
- Fill in:
| Field | Description |
|---|---|
| Name | Descriptive label (e.g., "Free Tier", "Enterprise Plan") |
| Description | Optional notes |
| Rate limit — Max requests | Maximum requests per interval |
| Rate limit — Interval | 1m, 5m, or 1h |
| Quota — Max requests | Maximum requests per quota period |
| Quota — Interval | 1d, 7d, or 30d |
- Click Create
Interval options
Rate limit intervals
| Interval | Window |
|---|---|
1m | 1-minute sliding window |
5m | 5-minute sliding window |
1h | 1-hour sliding window |
Quota intervals
| Interval | Reset behavior |
|---|---|
1d | Resets at midnight UTC daily |
7d | Resets every Monday at 00:00 UTC |
30d | Resets on the 1st of each month at 00:00 UTC |
Attaching a policy to a client
- Open the Client
- Click Edit
- Select a Policy from the dropdown
- Save
The policy applies to all the client's active profiles combined — not per profile.
Disabling a policy
Toggle a policy to inactive to stop enforcing it without deleting it. This is useful for temporarily lifting limits during an incident or migration.
Designing policies for tiers
Common patterns:
Free tier: 100 req/min, 10,000 req/month
Starter tier: 500 req/min, 100,000 req/month
Business tier: 2,000 req/min, 1,000,000 req/month
Enterprise: Unlimited (no policy attached)
Monitoring usage
View a client's current quota usage on the Client detail page. The Metrics dashboard also shows request volumes per client filtered by time range.
→ See Observability