- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
- User Guide
-
Best Practices
- Using Global Accelerator to Speed Up Cross-Border Access to Web Servers
- Using CDN and Global Accelerator to Speed Up Cross-Border Access
- Using Global Accelerator to Speed Up Cross-Border Access to Third-Party On-premises Servers
- Using Global Accelerator to Accelerate Communications Between Cloud and On-Premises Servers and Implement Multi-active DR
- Transferring the Source IP Address of a Client
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Global Accelerator
- Listener
- Endpoint Group
- Endpoint
- Health Check
-
IP Address Group
- Creating an IP Address Group
- Querying IP Address Groups
- Querying Details of an IP Address Group
- Updating an IP Address Group
- Deleting an IP Address Group
- Adding CIDR Blocks to an IP Address Group
- Removing CIDR Blocks from an IP Address Group
- Associating an IP Address Group with a Listener
- Disassociating an IP Address Group from a Listener
- Region
- Tag
- Log
- Permissions Policies and Supported Actions
- Appendix
- SDK Reference
-
FAQs
- Can I Use the Ping Command to Test Latency?
- How Will I Be Billed for Global Accelerator?
- How Can I Increase the Global Accelerator Quotas?
- How Can I Use Traffic Dial to Distribute Traffic?
- What Types of Endpoints Can Be Added to a Global Accelerator?
- Can I Use Global Accelerator in an Area That Is Not Listed Among the Acceleration Areas?
- What Are the Statuses and Health Check Results of Endpoints?
- What Should I Do If an Endpoint Is Unhealthy?
- Most Frequently Asked Questions
- Configuring the TOA Module
- How Can I Use Global Accelerator to Enable European Users to Access the Applications Deployed in or Outside the Chinese Mainland (Excluding Europe) Faster?
- General Reference
Copied.
Authentication
- Token authentication: Requests are authenticated using tokens.
- AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication.
AK/SK Authentication
- AK/SK authentication supports API requests with a body not larger than 12 MB. For API requests with a larger body, token authentication is recommended.
- The AK/SK can be either a permanent access key or a temporary access key. If it is a temporary access key, the X-Security-Token field must be added to the request. The value is the security_token of the temporary access key.
In AK/SK authentication, AK/SK is used to sign requests and the signature is then added to the requests for authentication.
- AK: access key, which is a unique identifier used together with an SK to sign requests cryptographically.
- SK: secret access key, which is used together with an AK to sign requests cryptographically. It identifies a request sender and prevents the request from being modified.
In AK/SK authentication, you can use an AK/SK to sign requests based on the signature algorithm or using the signing SDK. For details about how to sign requests and use the signing SDK, see AK/SK Signing and Authentication Guide.
The signing SDK is only used for signing requests and is different from the SDKs provided by services.
Token Authentication
- A token is valid for 24 hours. When using a token for authentication, cache it to avoid frequent calling.
- To avoid token expiration during an API call, ensure that the time taken to complete a call is shorter than the time left before a token expires.
A token is used to acquire temporary permissions. During API authentication using a token, the token is added to the request header to get permissions for calling the API.
You can obtain a token by calling the Obtaining a User Token API. Global Accelerator is a global service. You can obtain a global token by calling the Obtaining User Token API. When you call the API, set auth.scope in the request body to domain.
{ "auth": { "identity": { "methods": [ "password" ], "password": { "user": { "name": "username", "password": "********", "domain": { "name": "domainname" } } } }, "scope": { "domain": { "name": "xxxxxxxx" } } } }
After a token is obtained, the X-Auth-Token header field must be added to requests to specify the token when calling other APIs. For example, if the token is ABCDEFJ...., X-Auth-Token: ABCDEFJ.... can be added to a request as follows:
1 2 3 |
POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER/users Content-Type: application/json X-Auth-Token: ABCDEFJ.... |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot