- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
-
User Guide
- Permissions Management
- Enterprise Routers
- Attachments
- Route Tables
- Associations
- Propagations
- Routes
-
Routing Control
-
Route Policies
- Route Policy Overview
- Creating a Route Policy
- Associating a Route Policy with an Enterprise Router
- Changing the Route Policy Associated with an Enterprise Router
- Disassociating a Route Policy from an Enterprise Router
- Modifying a Route Policy
- Viewing a Route Policy
- Deleting a Route Policy
- Adding a Policy Node to a Route Policy
- Modifying a Policy Node in a Route Policy
- Exporting Policy Nodes in a Route Policy
- Viewing a Policy Node in a Route Policy
- Deleting a Policy Node from a Route Policy
-
IP Prefix Lists
- IP Prefix List Overview
- Creating an IP Prefix List
- Modifying the Name of an IP Prefix List
- Viewing an IP Prefix List
- Deleting an IP Prefix List
- Adding a Prefix Rule to an IP Address Prefix List
- Modifying an IP Prefix Rule in an IP Prefix List
- Exporting Prefix Rules in an IP Prefix List
- Viewing a Prefix Rule in an IP Prefix List
- Deleting a Prefix Rule from an IP Prefix List
-
AS_Path Lists
- AS_Path List Overview
- Creating an AS_Path List
- Modifying the Name of an AS_Path List
- Viewing an AS_Path List
- Deleting an AS_Path List
- Adding an AS_Path Filter to an AS_Path List
- Exporting AS_Path Filters in an AS_Path List
- Viewing an AS_Path Filter in an AS_Path List
- Deleting an AS_Path Filter from an AS_Path List
-
Route Policies
- Sharing
- Flow Logs
- Monitoring and Auditing
- Tags
- Quotas
-
Best Practices
- Summary on Enterprise Router Best Practices
- Connecting VPCs Across Regions Using Enterprise Router and Central Network
- Using Enterprise Router to Isolate VPCs in the Same Region
- Using a Third-Party Firewall to Protect VPCs Connected by Enterprise Routers
- Enabling an On-Premises Data Center to Access Service VPCs Using an Enterprise Router and Transit VPC
- Setting Up a Hybrid Cloud Network Using Enterprise Router and Direct Connect Global DC Gateway
-
Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Direct Connect Connections (Global DC Gateway)
- Overview
- Network and Resource Planning
- Process of Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Direct Connect Connections (Global DC Gateway)
- Procedure for Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Direct Connect Connections (Global DC Gateway)
-
Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Active/Standby Direct Connect Connections (Global DC Gateway)
- Overview
- Network and Resource Planning
- Process of Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Active/Standby Direct Connect Connections (Global DC Gateway)
- Procedure for Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Active/Standby Direct Connect Connections (Global DC Gateway)
- Setting Up a Hybrid Cloud Network Using Enterprise Router, VPN, and Direct Connect (Global DC Gateway)
- Setting Up a Hybrid Cloud Network Using Enterprise Router and Direct Connect (Virtual Gateway)
- Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Direct Connect Connections (Virtual Gateway)
- Setting Up a Hybrid Cloud Network Using Enterprise Router, VPN, and Direct Connect (Virtual Gateway)
- Allowing VPCs to Share an EIP to Access the Internet Using Enterprise Router and NAT Gateway
- Using Enterprise Router to Migrate the Network Set Up Through VPC Peering
- Using Enterprise Router to Migrate the Network Set Up Through Direct Connect (Global DC Gateway)
- Using Enterprise Router and Central Network to Migrate the Network Set Up Through a Cloud Connection
- API Reference
- FAQs
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
- Enterprise Routers
- Attachments
- Route Tables
- Associations
- Propagations
- Routes
- Sharing
- Flow Logs
- Monitoring
- Interconnecting with CTS
- Permissions Management
- Tags
- Quotas
- FAQ
- Change History
-
User Guide (Ankara Region)
- Service Overview
- Getting Started
- Permissions Management
- Enterprise Routers
- Attachments
- Route Tables
- Associations
- Propagations
- Routes
- Sharing
- Flow Logs
- Monitoring
- Quotas
- FAQ
- Change History
- API Reference (Ankara Region)
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Copied.
Authentication
- Token authentication: Requests are authenticated using tokens.
- AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication.
Token Authentication
The validity period of a token is 24 hours. When using a token for authentication, cache it to avoid frequently calls to the API.
A token specifies temporary permissions in a computer system. During authentication using a token, the token is added to request headers to get permissions for calling the API. You can obtain a token by calling the API for Obtaining a User Token.
Enterprise Router is a project-level service. When you call the API, set auth.scope in the request body to project.
{ "auth": { "identity": { "methods": [ "password" ], "password": { "user": { "name": "username", // IAM user name "password": "********", // IAM user password "domain": { "name": "domainname" // Name of the account that the IAM user belongs to } } } }, "scope": { "project": { "name": "xxxxxxxx" // Project name } } } }
After a token is obtained, X-Auth-Token must be added to the request header for calling other APIs. For example, if the token is ABCDEFJ...., X-Auth-Token: ABCDEFJ.... can be added to the request header as follows:
1 2 3 |
POST https://iam.ap-southeast-1.myhuaweicloud.com/v3/auth/projects Content-Type: application/json X-Auth-Token: ABCDEFJ.... |
AK/SK Authentication
AK/SK authentication supports API requests with a body not larger than 12 MB. For API requests with a larger body, token authentication is recommended.
In AK/SK authentication, AK/SK is used to sign requests and the signature is then added to the requests for authentication.
- AK: is a unique identifier associated with the SK. which is a unique identifier used together with an SK to sign requests cryptographically.
- SK: secret access key, which is used together with an AK to sign requests cryptographically. It identifies a request sender and prevents the request from being modified.
In AK/SK authentication, you can use an AK/SK to sign requests based on the signature algorithm or using the signing SDK. For details about how to sign requests and use the signing SDK, see API Request Signing Guide.
The signing SDK is only used for signing requests and is different from the SDKs provided by services.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot