A company uses Azure API Management to expose APIs. They need to enforce rate limiting per subscription key and also allow a burst of requests for a short period. Which policy should they apply?
Limits per subscription key with burst support.
Why this answer
The rate-limit-by-key policy (option C) enforces rate limits per key with a burst window. Option A is per product, not per key. Option B is for IP addresses.
Option D is for concurrency, not rate.