What are common API rate limiting algorithms?

Popular rate limiting techniques: - **Fixed window:** simple but can burst at window edges. - **Sliding window:** smoother enforcement. - **Token bucket:** allows bursts up to bucket size; refills over time. - **Leaky bucket:** steady outflow; good for smoothing. **Implementation notes:** distributed rate limiting often uses Redis (atomic increments, Lua scripts) or gateway-level controls.