Diese Seite ist in Ihrer lokalen Sprache noch nicht verfügbar. Wir arbeiten daran, weitere Sprachversionen hinzuzufügen. Vielen Dank für Ihre Unterstützung.
- What's New
- Function Overview
- Product Bulletin
- Service Overview
- Getting Started
-
User Guide
- Overview
- Gateway Management
- API Group Management
- API Management
- Request Throttling
- Access Control
- Environment Management
- Signature Key Management
- VPC Channel Management
- Custom Authorizers
- Plug-ins
- Monitoring
- App Management
- Log Analysis
- SDKs
- Calling Published APIs
- Permissions Management
- Key Operations Recorded by CTS
-
Developer Guide
- Overview
- Authentication Mode Selection
- Calling APIs Through App Authentication
- Calling APIs Through IAM Authentication
- Creating a Function for Frontend Custom Authentication
- Creating a Function for Backend Custom Authentication
- Creating Signatures for Backend Requests
-
Importing and Exporting APIs
- Restrictions and Compatibility
- Extended Definition
- API Import Precautions
- Examples of Importing APIs
- API Export Precautions
-
API Reference
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Registering an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- App Management
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
- VPC Channel Management
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Permissions Policies and Supported Actions
- Appendix
- Change History
- SDK Reference
- Best Practices
-
FAQs
- Common FAQs
-
API Creation
- Why Can't I Create APIs?
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request-URI Too Large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- How Do I Implement WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- API Control Policies
- API Publishing
- API Import and Export
- API Security
-
Other FAQs
- What Are the Relationships Between an API, Environment, and App?
- How Can I Use APIG?
- What SDK Languages Does APIG Support?
- Can I Upload Files Using the POST Method?
- What Are the Error Messages Returned by APIG Like?
- How Do I Use APIG to Open Up Services Deployed on Huawei Cloud?
- Can APIG Be Deployed in a Local Data Center?
- Videos
Calling APIs
Obtaining APIs and Documentation
Before calling APIs, obtain the request information from the API provider, including the access domain name, protocol, method, path, and request parameters.
Obtain APIs: from your company or from a partner
Obtain related documentation from the help center of the API provider's official website:
The authentication information to be obtained varies with the API authentication mode.
- App authentication:
- Signature authentication: Obtain the key and secret (or client AppKey and AppSecret) of the app authorized for the API from the API provider as well as the SDK for calling the API.
- Simple authentication: Obtain the AppCode of the app authorized for the API from the API provider.
- Other authentication modes: Obtain the key and secret (or client AppKey and AppSecret) of the app authorized for the API from the API provider.
- IAM authentication: The account credential (token or AK/SK obtained with the account and password) obtained on the cloud service platform is used for authentication. If the AK/SK is used for authentication, you also need to obtain the SDK from the API provider for calling the API.
- Custom authentication: Obtain the custom authentication information to be carried in the request parameters from the API provider.
- None: No authentication information is required.
Calling an API
This section describes only the configuration of the request path and authentication parameters. For other parameters, such as timeout and SSL, configure them as required. To avoid service loss due to incorrect parameters, configure them by referring to the industry standards.
- Set the request path.
Scenario
Request Parameter Configuration
Calling an API with a domain name
Call the API using the subdomain name allocated to the API group or a domain name bound to the group. No additional configuration is required.
Calling an API in the DEFAULT group with an IP address
In the shared gateway, call an API in the DEFAULT group with an IP address. No additional configuration is required.
Calling an API in a non-DEFAULT group with an IP address
- To call APIs using an IP address, ensure that the app_route parameter has been set to on on the Configuration Parameters tab page of the dedicated gateway.
- To use an IP address to call an API that uses app authentication in a non-DEFAULT group, add the header parameters X-HW-ID and X-HW-APPKEY and set the parameter values to the key and secret of an app authorized for the API or a client AppKey and AppSecret.
- To use an IP address to call an API that does not use app authentication in a non-DEFAULT group, add the header parameter host.
- Set the authentication parameters.
Authentication Mode
Request Parameter Configuration
App authentication (with a signature)
Use the SDK to sign API requests. For details, see section "Calling APIs Through App Authentication" in the API Gateway Developer Guide.
App authentication (with app_secret)
- On the Configuration Parameters tab page of a dedicated gateway, the app_secret parameter has been set to on to enable app_secret authentication and app_api_key has been set to off to disable app_api_key authentication.
- Add the header parameter X-HW-ID and set the parameter value to the key of the app authorized for the API or the client AppKey.
- Add the header parameter X-HW-AppKey and set the parameter value to the secret or AppSecret obtained in Obtaining APIs and Documentation.
App authentication (with app_basic)
- To enable app_basic authentication, ensure that the app_basic parameter has been set to on on the Configuration Parameters tab page of the dedicated gateway.
- Add the header parameter Authorization and set the parameter value to "Basic + base64 (appkey + : + appsecret)", in which appkey and appsecret are the key and secret (or AppKey and AppSecret) obtained in Obtaining APIs and Documentation.
IAM authentication (with a token)
Obtain a token from the cloud platform and carry the token in API requests for authentication. For details, see section "Token Authentication" in the API Gateway Developer Guide.
IAM authentication (with AK/SK)
Use an SDK to sign API requests. For details, see section "AK/SK Authentication" in the API Gateway Developer Guide.
Custom authentication
Carry authentication information in API request parameters for authentication.
None
Call APIs without authentication.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.