Help Center> API Gateway> User Guide (ME-Abu Dhabi Region)> Published API Calling> Calling APIs
Updated on 2023-05-22 GMT+08:00
View PDF

Calling APIs

Obtaining APIs and Documentation

Before calling APIs, obtain the request information from the API provider, including the access domain name, protocol, method, path, and request parameters.

Obtain APIs from your company or from a partner.

For APIs obtained from the cloud service provider, obtain documentation from the Help Center.

The authentication information to be obtained varies with the API authentication mode.

  • App authentication:
    • Signature authentication: Obtain the key and secret (or client AppKey and AppSecret) of the credential authorized for the API from the API provider as well as the SDK for calling the API.
    • Simple authentication: Obtain the AppCode of the credential authorized for the API from the API provider.
    • Other authentication modes: Obtain the key and secret (or client AppKey and AppSecret) of the credential authorized for the API from the API provider.
  • IAM authentication: The account credential (token or AK/SK obtained with the account and password) obtained on the cloud service platform is used for authentication. If the AK/SK is used for authentication, you also need to obtain the SDK from the API provider for calling the API.
  • Custom authentication: Obtain the custom authentication information to be carried in the request parameters from the API provider.
  • None: No authentication information is required.

Calling an API

This section describes only the configuration of the request path and authentication parameters. For other parameters, such as timeout and SSL, configure them as required. To avoid service loss due to incorrect parameters, configure them by referring to the industry standards.

  1. Set the request path.

    Scenario

    Request Parameter Configuration

    Calling an API with a domain name

    Call an API using the debugging domain name allocated to the API group or a domain name bound to the group. No additional configuration is required.

    Calling an API in the DEFAULT group with an IP address

    Call an API in the DEFAULT group with an IP address. No additional configuration is required.

    Calling an API in a custom group with an IP address
    • To use an IP address to call an API that uses app authentication in a non-DEFAULT group,
      1. Set configuration parameters app_route and app_secret of the gateway to On. After app_route is enabled, a credential cannot be authorized to APIs with the same request path and method.
      2. Add header parameters X-HW-ID and X-HW-APPKEY and set them to the key and secret of a credential authorized for the API or a client AppKey and AppSecret.
    • To use an IP address to call an API that does not use app authentication in a non-DEFAULT group, add the header parameter host.

  2. Set the authentication parameters.

    Authentication Mode

    Request Parameter Configuration

    App authentication (with a signature)

    Use the SDK to sign API requests. For details, see section "Calling APIs Through App Authentication" in the API Gateway Developer Guide.

    App authentication (through simple authentication)

    Add the header parameter X-Apig-AppCode and set the parameter value to the AppCode obtained in Obtaining APIs and Documentation. Getting Started.

    App authentication (with app_secret)
    • On the Parameters tab of a gateway, the app_secret parameter has been set to on to enable app_secret authentication.
    • Add the header parameter X-HW-ID and set the parameter value to the key of the app authorized for the API or the client AppKey.
    • Add the header parameter X-HW-AppKey and set the parameter value to the secret or AppSecret obtained in Obtaining APIs and Documentation.

    App authentication (with app_basic)
    • To enable app_basic authentication, ensure that the app_basic parameter has been set to on on the Parameters tab of the gateway.
    • Add the header parameter Authorization and set the parameter value to "Basic + base64 (appkey + : + appsecret)", in which appkey and appsecret are the key and secret (or AppKey and AppSecret) obtained in Obtaining APIs and Documentation.

    IAM authentication (with a token)

    Obtain a token from the cloud platform and carry the token in API requests for authentication. For details, see section "Token Authentication" in the API Gateway Developer Guide.

    IAM authentication (with AK/SK)

    Use an SDK to sign API requests. For details, see section "AK/SK Authentication" in the API Gateway Developer Guide.

    Custom authentication

    Carry authentication information in API request parameters for authentication.

    None

    Call APIs without authentication.

Parent topic: Published API Calling