Help Center/ ROMA Connect/ User Guide (ME-Abu Dhabi Region)/ Service Integration Guide/ Calling an API/ Calling an Open API
Updated on 2023-07-26 GMT+08:00
View PDF
Share

Calling an Open API

Overview

After an API is published in an environment, it can be called by other users. API calling operations vary depending on the authentication mode used by the API.

Obtaining API Request Information

Before calling an API, you need to obtain the API request information from the API provider, including the access domain name, request protocol, request method, request path, and request parameters.

Obtain the request authentication information based on the authentication mode used by an API.

  • App:
    • Signature authentication: Obtain the key and secret of the integration application (or client AppKey and AppSecret) authorized by the API from the API provider as well as the SDK for calling the API.
    • Simple authentication: Obtain the AppCode of the client authorized by the API from the API provider.
    • Other authentication modes: Obtain the key and secret of the integration application (or client AppKey and AppSecret) authorized by the API from the API provider.
  • The account credential (password or AK/SK) of the cloud service platform is used for authentication. If the AK/SK is used for authentication, you also need to obtain the SDK for calling the API from the API provider.
  • Custom: Obtain the custom authentication information to be carried in the request parameters from the API provider.
  • None: No authentication information is required.

If you use the default subdomain name allocated by the system to access an API, you can access the API for a maximum of 1000 times every day.

Calling an API

  1. Set the parameters related to the request address.

    Scenario

    API Request Parameter Configuration

    Using a domain name to call an API

    ROMA Connect allows APIs to be called using the subdomain name assigned to the API group or the domain name bound to the API group. No additional configuration is required.

    Using an IP address to call an API in the DEFAULT group

    ROMA Connect allows you to use IP addresses to call APIs in the DEFAULT group. No additional configuration is required.

    Using an IP address to call an API in groups except DEFAULT
    • The app_route parameter has been set to on on the Configuration Parameters tab page of a ROMA Connect instance, indicating that an API can be called by using an IP address.
    • ROMA Connect does not allow APIs in non-DEFAULT groups to be directly called using IP addresses. The header parameter X-HW-ID must be added to the request message, and the value must be the key or client AppKey of the integration application authorized by the API.
  2. Set the authentication parameters.

    Authentication Mode

    API Request Parameter Configuration

    App authentication (signature authentication)

    Use the obtained SDK to sign the API request. For details, see Using App Authentication to Call APIs.

    App authentication (simple authentication)

    Add the header parameter X-Apig-AppCode to the API request. The parameter value is the AppCode obtained in Obtaining API Request Information.

    App authentication (app_secret authentication)
    • On the Configuration Parameters tab page of a ROMA Connect instance, the app_secret parameter has been set to on (indicating that app_secret authentication is enabled) and app_api_key has been set to off (indicating that app_api_key authentication is disabled).
    • Add the header parameter X-HW-ID to the API request. The parameter value is the key of the integration application authorized for the API or the client's AppKey.
    • Add the header parameter X-HW-AppKey to the API request. The parameter value is the secret or AppSecret obtained in Obtaining API Request Information.

    App authentication (app_basic authentication)
    • The app_basic parameter has been set to on on the Configuration Parameters tab page of a ROMA Connect instance, indicating that app_basic authentication is enabled.
    • Add the header parameter Authorization to the API request. The value is "Basic "+base64(appkey+":"+appsecret), in which appkey and appsecret are the key and secret (or AppKey and AppSecret) obtained in Obtaining API Request Information.

    App authentication (two-factor authentication)

    An API request carries authentication information of both app authentication and custom authentication.

    authentication (token authentication)

    Obtain the token of the cloud service platform and carry the token in the API request for authentication.

    authentication (AK/SK authentication)

    When calling an API, use the obtained SDK to sign the API request. For details, see AK/SK Authentication.

    authentication (two-factor authentication)

    An API request carries authentication information of both IAM authentication and custom authentication.

    Custom

    Based on the definition of custom authentication, the related authentication information is carried in the API request parameters for authentication.

    None

    No authentication is required, and the API can be directly called.
Parent topic: Calling an API