Credential Authorization
Function
An app cannot access any APIs after being created. To access an API in a specific environment, bind the app to the API in the environment. After this operation, the app can access the API in the environment.
URI
POST /v2/{project_id}/apic/instances/{instance_id}/app-auths
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference. |
|
instance_id |
Yes |
String |
Instance ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
env_id |
Yes |
String |
ID of the environment in which the apps will be authorized. |
|
app_ids |
Yes |
Array of strings |
App IDs |
|
api_ids |
Yes |
Array of strings |
API list. You can specify both self-developed and purchased APIs. |
|
auth_tunnel |
No |
String |
Authorization channel type.
The green channel can be enabled when the green_tunnel feature is enabled. If this field is left blank, the green channel is not used by default. |
|
auth_whitelist |
No |
Array of strings |
Green channel authorization whitelist. IP addresses in the whitelist can be accessed without authentication information. This parameter takes effect when auth_tunnel is set to GREEN. |
|
auth_blacklist |
No |
Array of strings |
Green channel authorization whitelist. This parameter is valid when auth_tunnel is set to GREEN. |
|
visit_params |
No |
Array of ApiAuthVisitParam objects |
List of access parameters. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
api_id |
Yes |
String |
ID of the environment in which the apps will be authorized. |
|
app_id |
No |
String |
ID of the app to be authorized. |
|
visit_param |
Yes |
String |
Access parameters. The value can contain letters, digits, underscores (_), and hyphens (-). Multiple parameters are separated by commas (,). Each parameter must end with a letter or digit and must be unique. The length of a single parameter cannot exceed 255 characters. |
Response Parameters
Status code: 201
|
Parameter |
Type |
Description |
|---|---|---|
|
auths |
Array of ApiAuthRelations objects |
App authorization record list. |
|
Parameter |
Type |
Description |
|---|---|---|
|
api_id |
String |
API ID. |
|
auth_result |
AuthResult object |
Authorization result. |
|
auth_time |
String |
Authorization time. |
|
id |
String |
Authorization record ID. |
|
app_id |
String |
App ID. |
|
auth_role |
String |
Authorizer.
|
|
auth_tunnel |
String |
Authorization channel type.
If this field is left blank, the green channel is not used by default. |
|
auth_whitelist |
Array of strings |
Green channel authorization whitelist. IP addresses in the whitelist can access APIs without being authenticated. |
|
auth_blacklist |
Array of strings |
Authorization blacklist for the green channel. |
|
visit_params |
String |
Access parameters. |
|
Parameter |
Type |
Description |
|---|---|---|
|
status |
String |
Authorization result.
|
|
error_msg |
String |
Error message displayed for an authentication failure. |
|
error_code |
String |
Error code displayed for an authentication failure. |
|
api_name |
String |
Name of the API for which authorization fails. |
|
app_name |
String |
Name of the API for which authorization fails. |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error description. |
Status code: 401
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error description. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error description. |
Status code: 404
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error description. |
Status code: 500
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error description. |
Example Requests
Bind an app to an API in a specified environment.
{
"env_id" : "DEFAULT_ENVIRONMENT_RELEASE_ID",
"app_ids" : [ "356de8eb7a8742168586e5daf5339965" ],
"api_ids" : [ "5f918d104dc84480a75166ba99efff21" ]
}
Example Responses
Status code: 201
Created
{
"auths" : [ {
"api_id" : "5f918d104dc84480a75166ba99efff21",
"auth_result" : {
"status" : "SUCCESS"
},
"auth_time" : "2020-08-04T04:02:22.482227344Z",
"id" : "dd29b33ae4394e3b924b582c6b40880b",
"app_id" : "356de8eb7a8742168586e5daf5339965",
"auth_role" : "PROVIDER",
"auth_tunnel" : "NORMAL",
"auth_whitelist" : [ ],
"auth_blacklist" : [ ]
} ]
}
Status code: 400
Bad Request
{
"error_code" : "APIG.2011",
"error_msg" : "Invalid parameter value,parameterName:api_ids. Please refer to the support documentation"
}
Status code: 401
Unauthorized
{
"error_code" : "APIG.1002",
"error_msg" : "Incorrect token or token resolution failed"
}
Status code: 403
Forbidden
{
"error_code" : "APIG.1005",
"error_msg" : "No permissions to request this method"
}
Status code: 404
Not Found
{
"error_code" : "APIG.3004",
"error_msg" : "App 356de8eb7a8742168586e5daf5339965 does not exist"
}
Status code: 500
Internal Server Error
{
"error_code" : "APIG.9999",
"error_msg" : "System error"
}
Status Codes
|
Status Code |
Description |
|---|---|
|
201 |
Created |
|
400 |
Bad Request |
|
401 |
Unauthorized |
|
403 |
Forbidden |
|
404 |
Not Found |
|
500 |
Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
