Help Center/ API Gateway/ API Reference/ Dedicated Gateway APIs (V2)/ Custom Authorizer Management/ Creating a Custom Authorizer

Updated on 2023-04-06 GMT+08:00

View PDF

Creating a Custom Authorizer

Function

This API is used to create a custom authorizer.

URI

POST /v2/{project_id}/apigw/instances/{instance_id}/authorizers

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details about how to obtain a project ID, see "Appendix" > "Obtaining a Project ID" in this document.
instance_id	Yes	String	Gateway ID, which can be obtained from the gateway information on the APIG console.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
name	Yes	String	Custom authorizer name. It can contain 3 to 64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed.
type	Yes	String	Custom authorizer type. FRONTEND BACKEND Modification is not allowed. Enumeration values: FRONTEND BACKEND
authorizer_type	Yes	String	Value: FUNC. Enumeration values: FUNC
authorizer_uri	Yes	String	Function URN.
authorizer_version	No	String	Function version. If both a function alias URN and version are passed, the alias URN will be used and the version will be ignored. Maximum: 64
authorizer_alias_uri	No	String	Function alias URN. If both a function alias URN and version are passed, the alias URN will be used and the version will be ignored.
identities	No	Array of Identity objects	Identity source.
ttl	No	Integer	Maximum cache age.
user_data	No	String	User data.
ld_api_id	No	String	Custom backend ID. Currently, this parameter is not supported.
need_body	No	Boolean	Indicates whether to send the body.

**Table 4** Identity
Parameter	Mandatory	Type	Description
name	Yes	String	Parameter name.
location	Yes	String	Parameter location. Enumeration values: HEADER QUERY
validation	No	String	Parameter verification expression. The default value is null, indicating that no verification is performed.

Response Parameters

Status code: 201

**Table 5** Response body parameters
Parameter	Type	Description
name	String	Custom authorizer name. It can contain 3 to 64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed.
type	String	Custom authorizer type. FRONTEND BACKEND Modification is not allowed. Enumeration values: FRONTEND BACKEND
authorizer_type	String	Value: FUNC. Enumeration values: FUNC
authorizer_uri	String	Function URN.
authorizer_version	String	Function version. If both a function alias URN and version are passed, the alias URN will be used and the version will be ignored. Maximum: 64
authorizer_alias_uri	String	Function alias URN. If both a function alias URN and version are passed, the alias URN will be used and the version will be ignored.
identities	Array of Identity objects	Identity source.
ttl	Integer	Maximum cache age.
user_data	String	User data.
ld_api_id	String	Custom backend ID. Currently, this parameter is not supported.
need_body	Boolean	Indicates whether to send the body.
id	String	Custom authorizer ID.
create_time	String	Creation time.
roma_app_id	String	ID of the application to which the custom authorizer belongs. Currently, this parameter is not supported.
roma_app_name	String	Name of the application to which the custom authorizer belongs. Currently, this parameter is not supported.

**Table 6** Identity
Parameter	Type	Description
name	String	Parameter name.
location	String	Parameter location. Enumeration values: HEADER QUERY
validation	String	Parameter verification expression. The default value is null, indicating that no verification is performed.

Status code: 400

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 401

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 403

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 404

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 500

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Example Requests

{
  "name" : "Authorizer_demo",
  "type" : "FRONTEND",
  "authorizer_type" : "FUNC",
  "authorizer_uri" : "urn:fss:xx-xxx:106506b9a92342df9a5025fc12351cfc:function:defau:apigDemo_1592617458814",
  "authorizer_version" : "v1",
  "authorizer_alias_uri" : "urn:fss:xx-xxx-4:106506b9a92342df9a5025fc12351cfc:function:defau:apigDemo_1592617458814:!v1",
  "identities" : [ {
    "name" : "header",
    "location" : "HEADER"
  } ],
  "user_data" : "authorizer_test"
}

Example Responses

Status code: 201

Created

{
  "name" : "Authorizer_demo",
  "type" : "FRONTEND",
  "authorizer_type" : "FUNC",
  "authorizer_uri" : "urn:fss:xx-xxx-4:106506b9a92342df9a5025fc12351cfc:function:defau:apigDemo_1592617458814",
  "authorizer_version" : "v1",
  "authorizer_alias_uri" : "urn:fss:xx-xxx-4:106506b9a92342df9a5025fc12351cfc:function:defau:apigDemo_1592617458814:!v1",
  "identities" : [ {
    "name" : "header",
    "location" : "HEADER"
  } ],
  "ttl" : 0,
  "user_data" : "authorizer_test",
  "id" : "0d982c1ac3da493dae47627b6439fc5c",
  "create_time" : "2020-07-31T11:55:43Z"
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.2011",
  "error_msg" : "Invalid parameter value,parameterName:type. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3019",
  "error_msg" : "The function URN does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code	Description
201	Created
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: Custom Authorizer Management

Previous topic: Custom Authorizer Management

Next topic: Modifying a Custom Authorizer

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel