Help Center/ ROMA Connect/ API Reference (ME-Abu Dhabi Region)/ APIC APIs/ Binding/Unbinding Signature Keys/ Binding a Signature Key

Updated on 2022-12-05 GMT+08:00

View PDF

Binding a Signature Key

Function

A signature key takes effect only after being bound to an API.

When requesting the backend service, ROMA Connect APIC uses the signature key to cryptographically sign requests. The backend service verifies the signature to identify request sources.

This API is used to bind a signature key to one or more published APIs. You can bind different signature keys to an API in different environments, but can bind only one signature key to the API in each environment.

URI

POST /v2/{project_id}/apic/instances/{instance_id}/sign-bindings

**Table 1** Path parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference.
instance_id	Yes	String	Instance ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
sign_id	Yes	String	Signature key ID.
publish_ids	Yes	Array of strings	ID of an API publication record.

Response Parameters

Status code: 201

**Table 4** Response body parameters
Parameter	Type	Description
bindings	Array of SignApiBindingInfo objects	List of binding relationships between APIs and signature keys.

**Table 5** SignApiBindingInfo
Parameter	Type	Description
publish_id	String	API publication ID.
api_id	String	API ID.
group_name	String	API group name.
binding_time	String	Time when the policy is bound to the API.
env_id	String	ID of the environment in which the API was published.
env_name	String	Name of the environment in which the API was published.
api_type	Integer	API type.
api_name	String	API name.
id	String	Binding record ID.
api_remark	String	API description.
sign_id	String	Signature key ID.
sign_name	String	Signature key name, The value contains 3 to 64 characters, including letters, digits, and underscores (_). It must start with a letter. NOTE: Characters must be in UTF-8 or Unicode format.
sign_key	String	Signature key. hmac signature key: The value contains 8 to 32 characters, including letters, digits, underscores (_), and hyphens (-). The value must start with a letter or digit. A key is automatically generated by the backend if no key is specified. basic signature key: The value contains 4 to 32 characters, including letters, digits, underscores (_), and hyphens (-). The value must start with a letter or digit. A key is automatically generated by the backend if no key is specified. public_key signature key: The value contains 8 to 512 characters, including letters, digits, underscores (_), hyphens (-), plus signs (+), slashes (/), and equal signs (=). The value must start with a letter, digit, plus sign (+), or slash (/). A key is automatically generated by the backend if no key is specified.
sign_secret	String	Signature secret. hmac signature secret: The value contains 16 to 64 characters, including letters, digits, underscores (_), hyphens (-), exclamation marks (!), at signs (@), number signs (#), dollar signs ($), and percent signs (%). The value must start with a letter or digit. A secret is automatically generated by the backend if no secret is specified. basic signature secret: The value contains 8 to 64 characters, including letters, digits, underscores (_), hyphens (-), exclamation marks (!), at signs (@), number signs (#), dollar signs ($), and percent signs (%). The value must start with a letter or digit. A secret is automatically generated by the backend if no secret is specified. public_key signature secret: The value contains 15 to 2048 characters, including letters, digits, underscores (_), hyphens (-), exclamation marks (!), at signs (@), number signs (#), dollar signs ($), percent signs (%), plus signs (+), slashes (/), and equal signs (=). The value must with a letter, digit, plus sign (+), or slash (/). A secret is automatically generated by the backend if no secret is specified.
sign_type	String	Signature key type. hmac basic public_key The basic key type requires the instance to be upgraded to the corresponding version. If the basic key configuration does not exist in the instance, contact technical support to upgrade the instance. The public_key type can be used only when public_key is enabled for the instance. For details about the instance feature configuration, see Appendix > APIC Features Supported by ROMA Connect Instances in the API Reference. If the public_key configuration does not exist in the instance, contact technical support to enable public_key.

Status code: 400

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 401

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 403

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 404

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 500

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Example Requests

{
  "sign_id" : "0b0e8f456b8742218af75f945307173c",
  "publish_ids" : [ "40e7162dc6b94bbbbb1a60d2a24b1b0c" ]
}

Example Responses

Status code: 201

Created

{
  "bindings" : [ {
    "api_id" : "5f918d104dc84480a75166ba99efff21",
    "sign_secret" : "dc02fc5f30714d6bb21888389419e2b3",
    "group_name" : "api_group_001",
    "sign_id" : "0b0e8f456b8742218af75f945307173c",
    "sign_key" : "a071a20d460a4f639a636c3d7e3d8163",
    "binding_time" : "2020-08-03T04:00:11.638167852Z",
    "env_id" : "DEFAULT_ENVIRONMENT_RELEASE_ID",
    "env_name" : "RELEASE",
    "sign_name" : "signature_demo",
    "api_type" : 1,
    "api_name" : "Api_http",
    "id" : "25082bd52f74442bb1d273993d567938",
    "api_remark" : "Web backend Api",
    "publish_id" : "66a645f1d6294fa6899cb1ed1c51bc4c"
  } ]
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.2012",
  "error_msg" : "Invalid parameter value,parameterName:sign_id. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3017",
  "error_msg" : "Signature key 0b0e8f456b8742218af75f945307173c does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code	Description
201	Created
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: Binding/Unbinding Signature Keys

Previous topic: Binding/Unbinding Signature Keys

Next topic: Unbinding a Signature Key

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot