Rate Limiting
Capping how many requests a client may make, protecting a service from overload and abuse.
Rate limiting enforces a request ceiling per client. The token bucket is the common algorithm: a bucket of capacity tokens refills at a steady rate; each request spends one, and an empty bucket rejects — capacity sets the burst, refill rate the sustained limit.