Request
This section describes the structure of a REST API request, and uses the IAM API for creating an IAM user as an administrator as an example to demonstrate how to call an API. The user token obtained by this API can then be used to authenticate the calling of other APIs.
Request URI
A request URI is in the following format:
{URI-scheme}://{Endpoint}/{resource-path}?{query-string}
Although a request URI is included in the request header, most programming languages or frameworks require the request URI to be separately transmitted.
Parameter |
Description |
---|---|
URI-scheme |
Protocol used to transmit requests. All APIs use HTTPS. |
Endpoint |
Domain name or IP address of the server bearing the REST service. The endpoint varies between services in different regions. For example, the endpoint of IAM in the CN-Hong Kong region is iam.ap-southeast-1.myhuaweicloud.com. |
resource-path |
Resource path of an API. Obtain the path from the URI of an API. For example, the resource-path of the API for obtaining a user token is /v3/auth/tokens. |
query-string |
(Optional) Query parameter. Ensure that a question mark (?) is included in front of each query parameter, which is in the format of Parameter name=Parameter value. For example, ?limit=10 indicates that a maximum of 10 data records can be queried. |
For example, to create an IAM user, obtain and combine the endpoint of any region (for example, iam.ap-southeast-1.myhuaweicloud.com of the CN-Hong Kong region) and the resource-path (/v3.0/OS-USER/users) in the URI of the API used to create an IAM user as an administrator. The resulting URI is as follows:
https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER/users
To simplify the URI display, this document provides only the resource-path and request method in the URI of each API. The URI-scheme of all APIs is https, and the endpoints in a region are the same.
Request Methods
The HTTP protocol defines the following request methods for sending requests to a server.
Method |
Description |
---|---|
GET |
Requests a server to return specified resources. |
PUT |
Requests a server to update specified resources. |
POST |
Requests a server to add resources or perform special operations. |
DELETE |
Requests a server to delete a specified resource (for example, an object). |
HEAD |
Requests resource headers from a server. |
PATCH |
Requests a server to update part of specified resources. If the requested resource does not exist, the server may create a resource using the PATCH method. |
POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER/users Content-Type: application/json X-Sdk-Date: 20240416T095341Z Authorization: SDK-HMAC-SHA256 Access=****************, SignedHeaders=content-type;host;x-sdk-date, Signature=****************
Request Header
You can add additional fields, such as the fields required by a specified URI or HTTP method, to a request header. For example, to request authentication information, you can add Content-Type to specify the type of the request body.
For details about common request headers, see Table 3.
Parameter |
Description |
Mandatory |
Example |
---|---|---|---|
Host |
Specifies the server to which a request is sent, which can be obtained from the URL of the service API. The value is in the format of Host name:Port number. If the port number is not specified, the default port is used. The default port number for https is 443. |
No This field is mandatory for access key (AK)/secret access key (SK) authentication. |
code.test.com or code.test.com:443 |
Content-Type |
Specifies the type (or format) of a message body. The default value application/json is recommended. Other values will be described in the specific APIs. |
Yes |
application/json |
Content-Length |
Specifies the length of a request body, in bytes. |
No |
3495 |
X-Project-Id |
Specifies a project ID. You can obtain the project ID by referring to Obtaining the Project ID. |
No This field is mandatory for requests that use AK/SK authentication in the Dedicated Cloud (DeC) scenario or multi-project scenario. |
e9993fc7************baa340f9c0f4 |
X-Auth-Token |
Specifies a user token. A user token is carried in a response to the API for obtaining a user token. This API is the only one that does not require authentication. The value of X-Subject-Token in the response header is the token. |
No This field is mandatory for token authentication. |
The following is part of an example token: MIIPAgYJKoZIhvcNAQcCo...ggg1BBIINPXsidG9rZ |
APIs also support AK/SK authentication, which uses SDKs to sign a request. During the signature, the Authorization (signature authentication) and X-Sdk-Date (time when a request is sent) headers are automatically added to the request.
For details about AK/SK authentication, see Authentication.
POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER/users Content-Type: application/json X-Sdk-Date: 20240416T095341Z Authorization: SDK-HMAC-SHA256 Access=****************, SignedHeaders=content-type;host;x-sdk-date, Signature=****************
Request Body
This part is optional. A request body is generally sent in a structured format (for example, JSON or XML), which is specified by Content-Type in the request header. It is used to transfer content other than the request header. If the request body contains full-width characters, these characters must be coded in UTF-8.
Request bodies vary according to APIs. Some APIs do not require a request body, such as the APIs called using the GET and DELETE methods.
For the API used to create an IAM user as an administrator, you can obtain the request parameters and parameter description from the API request. The following provides an example request with a body included. Replace the values in bold with the actual ones.
- accountid is the ID of the account to which an IAM user belongs.
- username is the IAM username to be created.
- email is the email address of the IAM user.
- ********** is the login password of the IAM user.
POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER/users Content-Type: application/json X-Sdk-Date: 20240416T095341Z Authorization: SDK-HMAC-SHA256 Access=****************, SignedHeaders=content-type;host;x-sdk-date, Signature=**************** { "user": { "domain_id": "accountid", "name": "username", "password": "**********", "email": "email", "description": "IAM User Description" } }
If all data required by an API request is available, you can send the request to call the API through curl, Postman, or coding. In the response to the API for obtaining a user token, x-subject-token carries a user token. You can use this token to authenticate the calling of other APIs.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot