- What's New
- Function Overview
- Product Bulletin
- Service Overview
- Billing
- Getting Started
-
User Guide
- Process of Using APIG
- Creating a User and Granting APIG Permissions
- Creating a Gateway
- Opening APIs
- (Optional) Configuring Authorization for API Calling
- Calling APIs
-
Managing APIs
- Overview
- Viewing or Modifying API Information
- Configuring Custom API Authentication
- Configuring API Parameter Orchestration Rules
- Customizing Error Response for APIs
- Cloning an API
- Taking an API Offline
- Importing and Exporting APIs
-
API Design File Extension Definitions
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-is-send-fg-body-base64
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- x-apigateway-auth-opt
- x-apigateway-result-normal-sample
- x-apigateway-result-failure-sample
- x-apigateway-authorizer
- x-apigateway-response
- x-apigateway-responses
- x-apigateway-pass-through
- x-apigateway-sample
- x-apigateway-content-type
- x-apigateway-orchestrations
- Configuring API Policies
- Configuring a Credential Policy
- Managing APIG Gateways
- Viewing Metrics and Configuring Alarms
- Viewing Audit Logs
- Shared Gateway (for Existing Users)
-
Best Practices
- Overview
-
API Openness
- Selectively Exposing CCE Workloads with a Dedicated Gateway
- Selectively Exposing Service Capabilities of a Data Center Using a Dedicated Gateway
- Exposing Backend Services Across VPCs Using a Dedicated Gateway
- Routing gRPC Service Requests Using a Dedicated Gateway
- Forwarding WebSocket Service Requests Using a Dedicated Gateway
- HTTP-to-HTTPS Auto Redirection with a Dedicated Gateway
- Calling Different Backend Services Using a Dedicated Gateway
- API Authentication
- API Policies
- API Security
- Developer Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Verifying the API Definition
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying VPC Channel Details
- Querying VPC Channels
- Adding or Updating Backend Instances
- Querying Backend Servers of a VPC Channel
- Updating Backend Instances
- Removing a Backend Server
- Enabling Backend Servers
- Disabling Backend Servers
- Modifying VPC Channel Health Check
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying Backend Server Groups of a VPC Channel
- Querying a Backend Server Group of a VPC Channel
- Deleting a Backend Server Group of a VPC Channel
- Updating a Backend Server Group of a VPC Channel
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Enabling Public Inbound Access
- Updating Public Inbound Access Bandwidth of a Gateway
- Disabling Public Inbound Access for a Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Modifying the Specifications of a Pay-Per-Use Gateway
- Querying Gateway Constraints
- VPC Endpoint Management
- Gateway Tag Management
- Microservice Center Management
-
SSL Certificate Management
- Querying SSL Certificates
- Creating an SSL Certificate
- Binding a Domain Name with SSL Certificates
- Unbinding a Domain Name's SSL Certificates
- Querying Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL Certificate
- Binding an SSL Certificate to a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Querying Domain Names of an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying Plug-ins
- Querying Plug-in Details
- Binding a Plug-in to APIs
- Binding an API with Plug-ins
- Unbinding a Plug-in from All APIs
- Unbinding an API's Plug-ins
- Querying APIs Bound with a Plug-in
- Querying Plug-ins Bound to an API
- Querying APIs to Which a Plug-in Can Be Bound
- Querying Plug-ins That Can Be Bound to an API
-
Credential Management
- Creating an App
- Modifying an App
- Deleting an App
- Resetting the AppSecret of an App
- Verifying an App
- Querying App Details
- Querying Apps
- Creating an AppCode
- Generating an AppCode
- Deleting an AppCode
- Querying AppCode Details
- Querying AppCodes of an App
- Querying Quotas Associated with a Credential
- Configuring Access Control Settings for an App
- Querying Access Control Details About an App
- Deleting Access Control Settings of an App
-
Credential Quota Management
- Creating a Credential Quota
- Querying Credential Quota Details
- Querying Credential Quotas
- Modifying a Credential Quota
- Deleting a Credential Quota
- Querying the Credentials Bound to a Specified Quota
- Binding a Credential Quota with Credentials
- Unbinding a Credential Quota from a Credential
- Querying Credentials That Can Be Bound to a Credential Quota
- Asynchronous Task Management
- Orchestration Rule Management
- Gateway Custom Inbound Port Management
-
Shared Gateway APIs (for Existing Users)
- API Group Management
-
API Management
- Object Model
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API
- Taking an API Offline
- Publishing Multiple APIs or Taking Multiple APIs Offline
- Querying API Details
- Querying an API List
- Querying Historical API Versions
- Taking an Effective Version of an API Offline
- Querying Details of an API Version
- Querying the Runtime Definition of an API
- Debugging an API
- App Management
- App Authorization Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
- Binding Request Throttling Policies
- Excluded Request Throttling Configuration
- Access Control Policy Management
-
Binding Access Control Policies
- Object Model
- Binding an Access Control Policy to an API
- Querying the List of Access Control Policies Bound to an API
- Querying the List of APIs Bound to an Access Control Policy
- Querying the List of APIs Not Bound to an Access Control Policy
- Unbinding an Access Control Policy from an API
- Unbinding Multiple Access Control Policies from APIs
- Querying Subscription Information in KooGallery
- Configuration Management
- Resource Query
- Signature Key Management
- Binding Signature Keys
- Domain Name Management
- VPC Channel Management
- Querying Metrics
- OpenAPI
- Custom Authorizer Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
- SDK Reference
-
FAQs
- Common FAQs
- Product Consulting FAQs
-
Opening APIs
- Why Can't I Create APIs?
- How Do I Define Response Codes for an API?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- Can I Bind Private Domain Names for API Access?
- Why Do I Fail to Call an API Across Domains?
- How Do I Use APIG to Open Up Services Deployed on Huawei Cloud?
- Publishing an API
-
Calling APIs
- What Are the Possible Causes for an API Calling Failure?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- Why Am I Seeing the Error Message "The API does not exist or has not been published in the environment" When I Call an API?
- Why Am I Seeing the Error Message "No backend available" When I Call an API?
- Why Am I Seeing the Error Message "Backend unavailable" or "Backend timeout" When I Invoke the Backend Service?
- Why Am I Seeing the Error Message "Backend domain name resolution failed" When I Invoke the Backend Service?
- Why Am I Seeing the Error Message "Incorrect IAM authentication information" When I Call an API?
- Why Am I Seeing the Error Message "Incorrect app authentication information" When I Call an API?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- Does APIG Have a Limit on the Size of the API Request Body?
- Is There a Limit on the Size of the Response to an API Request?
- How Do I Call an API Using App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- How Can I Access Backend Services over Public Networks Through APIG?
- API Authentication
-
API Policies
- Can I Configure the Maximum Number of Concurrent Requests?
- Is the Restriction of 1,000 Requests Per Day to a Debugging Domain Name Applied to Enterprise Accounts?
- Does APIG Have Bandwidth Limits?
- Why Doesn't a Request Throttling Policy Take Effect?
- How Do I Provide an Open API to Specific Users?
- Are Client IP Addresses Verified for Access Control?
- Importing and Exporting APIs
- Videos
-
More Documents
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Getting Started
- Comparing Versions
- Overview
-
API Management
- Creating an API Group
- Binding a Domain Name
- Creating an Environment Variable
- Creating a Gateway Response
- Creating an API
- Cloning an API
- CORS
- Debugging an API
- Authorizing API Access
- Publishing an API
- Taking an API Offline
-
Importing and Exorting APIs
- Restrictions and Compatibility
- Importing APIs
- Exporting APIs
-
Extended Definition
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- Viewing APIs
- HTTP 2.0
- API Policies
- Credentials
- Monitoring & Analysis
- Gateway Management
- SDKs
- Published API Calling
- Permissions Management
- Auditing
-
FAQs
- Common FAQs
-
API Creation
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App (Credential) FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- What Should I Do If the App Authentication Information Is Incorrect?
- API Control Policies
- API Publishing
- API Import and Export
- API Security
- Other FAQs
- Change History
- Developer Guide (Kuala Lumpur Region)
-
API Reference (Kuala Lumpur Region)
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Verifying the API Definition
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying VPC Channel Details
- Querying VPC Channels
- Adding or Updating Backend Instances
- Querying Backend Servers of a VPC Channel
- Updating Backend Instances
- Removing a Backend Server
- Enabling Backend Servers
- Disabling Backend Servers
- Modifying VPC Channel Health Check
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying Backend Server Groups of a VPC Channel
- Querying a Backend Server Group of a VPC Channel
- Deleting a Backend Server Group of a VPC Channel
- Updating a Backend Server Group of a VPC Channel
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Enabling Public Inbound Access
- Updating Public Inbound Access Bandwidth of a Gateway
- Disabling Public Inbound Access for a Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Modifying the Specifications of a Pay-Per-Use Gateway
- Querying Gateway Constraints
- VPC Endpoint Management
- Gateway Tag Management
-
SSL Certificate Management
- Querying SSL Certificates
- Creating an SSL Certificate
- Binding a Domain Name with SSL Certificates
- Unbinding a Domain Name's SSL Certificates
- Querying Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL Certificate
- Binding an SSL Certificate to a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Querying Domain Names of an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying Plug-ins
- Querying Plug-in Details
- Binding a Plug-in to APIs
- Binding an API with Plug-ins
- Unbinding a Plug-in from All APIs
- Unbinding an API's Plug-ins
- Querying APIs Bound with a Plug-in
- Querying Plug-ins Bound to an API
- Querying APIs to Which a Plug-in Can Be Bound
- Querying Plug-ins That Can Be Bound to an API
-
Credential Management
- Creating an App
- Modifying an App
- Deleting an App
- Resetting the AppSecret of an App
- Verifying an App
- Querying App Details
- Querying Apps
- Creating an AppCode
- Generating an AppCode
- Deleting an AppCode
- Querying AppCode Details
- Querying AppCodes of an App
- Querying Quotas Associated with a Credential
- Configuring Access Control Settings for an App
- Querying Access Control Details About an App
- Deleting Access Control Settings of an App
-
Credential Quota Management
- Creating a Credential Quota
- Querying Credential Quota Details
- Querying Credential Quotas
- Modifying a Credential Quota
- Deleting a Credential Quota
- Querying the Credentials Bound to a Specified Quota
- Binding a Credential Quota with Credentials
- Unbinding a Credential Quota from a Credential
- Querying Credentials That Can Be Bound to a Credential Quota
- Asynchronous Task Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
- Comparing Versions
- Overview
-
API Management
- Creating an API Group
- Importing a CCE Workload
- Binding a Domain Name
- Creating an Environment Variable
- Creating a Gateway Response
- Creating an API
- Creating a gRPC API
- Cloning an API
- CORS
- Debugging an API
- Authorizing API Access
- Publishing an API
- Taking an API Offline
-
Importing and Exorting APIs
- Restrictions and Compatibility
- Importing APIs
- Exporting APIs
-
Extended Definition
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-is-send-fg-body-base64
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- Viewing APIs
- HTTP 2.0
- API Policies
- Credentials
- Monitoring & Analysis
- Gateway Management
- SDKs
- Published API Calling
- Permissions Management
- Auditing
-
FAQs
- Common FAQs
-
API Creation
- Why Can't I Create APIs?
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App (Credential) FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- What Should I Do If the App Authentication Information Is Incorrect?
- API Control Policies
- API Publishing
- API Import and Export
- API Security
- Other FAQs
- Change History
- Developer Guide (ME-Abu Dhabi Region)
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Verifying the API Definition
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying VPC Channel Details
- Querying VPC Channels
- Adding or Updating Backend Instances
- Querying Backend Servers of a VPC Channel
- Updating Backend Instances
- Removing a Backend Server
- Enabling Backend Servers
- Disabling Backend Servers
- Modifying VPC Channel Health Check
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying Backend Server Groups of a VPC Channel
- Querying a Backend Server Group of a VPC Channel
- Deleting a Backend Server Group of a VPC Channel
- Updating a Backend Server Group of a VPC Channel
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Enabling Public Inbound Access
- Updating Public Inbound Access Bandwidth of a Gateway
- Disabling Public Inbound Access for a Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Modifying the Specifications of a Pay-Per-Use Gateway
- Querying Gateway Constraints
- VPC Endpoint Management
- Gateway Tag Management
- Microservice Center Management
-
SSL Certificate Management
- Querying SSL Certificates
- Creating an SSL Certificate
- Binding a Domain Name with SSL Certificates
- Unbinding a Domain Name's SSL Certificates
- Querying Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL Certificate
- Binding an SSL Certificate to a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Querying Domain Names of an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying Plug-ins
- Querying Plug-in Details
- Binding a Plug-in to APIs
- Binding an API with Plug-ins
- Unbinding a Plug-in from All APIs
- Unbinding an API's Plug-ins
- Querying APIs Bound with a Plug-in
- Querying Plug-ins Bound to an API
- Querying APIs to Which a Plug-in Can Be Bound
- Querying Plug-ins That Can Be Bound to an API
-
Credential Management
- Creating an App
- Modifying an App
- Deleting an App
- Resetting the AppSecret of an App
- Verifying an App
- Querying App Details
- Querying Apps
- Creating an AppCode
- Generating an AppCode
- Deleting an AppCode
- Querying AppCode Details
- Querying AppCodes of an App
- Querying Quotas Associated with a Credential
- Configuring Access Control Settings for an App
- Querying Access Control Details About an App
- Deleting Access Control Settings of an App
-
Credential Quota Management
- This API is used to creat a credential quota.
- Querying Credential Quota Details
- Querying Credential Quotas
- Modifying a Credential Quota
- Deleting a Credential Quota
- Querying the Credentials Bound to a Specified Quota
- Binding a Credential Quota with Credentials
- Unbinding a Credential Quota from a Credential
- Querying Credentials That Can Be Bound to a Credential Quota
- Asynchronous Task Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
Best Practices (ME-Abu Dhabi Region)
- Selectively Exposing CCE Workloads with a Dedicated Gateway
- Selectively Exposing Service Capabilities of a Data Center Using a Dedicated Gateway
- Developing a Custom Authorizer with FunctionGraph
- Exposing Backend Services Across VPCs Using a Dedicated Gateway
- Interconnecting a Dedicated Gateway with WAF
- Request Throttling 2.0 with a Dedicated Gateway
- Two-Factor Authentication with a Dedicated Gateway
- HTTP-to-HTTPS Auto Redirection with a Dedicated Gateway
- Client Authentication with a Dedicated Gateway
- Invoking an API Policy Backend via Frontend Authentication Parameters (System Parameter)
- Forwarding WebSocket Services Using Dedicated Gateway
- Change History
- User Guide (Paris Region)
-
Developer Guide (Paris Region)
- Application Scenarios
- Calling APIs Through App Authentication
- Calling APIs Through IAM Authentication
- Creating Signatures for Backend Requests
-
Importing and Exporting APIs
- Restrictions and Compatibility
- Extended Definition
- API Import Precautions
- Examples of Importing APIs
- API Export Precautions
- Change History
-
API Reference (Paris Region)
- Before You Start
- Calling APIs
- Getting Started
-
Shared Gateway APIs
- API Group Management
-
API Management
- Object Model
- Registering an API
- Modifying an API
- Deleting an API
- Publishing an API
- Taking an API Offline
- Publishing Multiple APIs or Taking Multiple APIs Offline
- Querying API Details
- Querying an API List
- Querying Historical API Versions
- Taking an Effective Version of an API Offline
- Querying Details of an API Version
- Querying the Runtime Definition of an API
- Debugging an API
- App Management
- App Authorization Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
- Binding Request Throttling Policies
- Excluded Request Throttling Configuration
- Access Control Policy Management
-
Binding Access Control Policies
- Object Model
- Binding an Access Control Policy to an API
- Querying the List of Access Control Policies Bound to an API
- Querying the List of APIs Bound to an Access Control Policy
- Querying the List of APIs Not Bound to an Access Control Policy
- Unbinding an Access Control Policy from an API
- Unbinding Multiple Access Control Policies from APIs
- Querying Subscription Information in the Marketplace
- Resource Query
- Signature Key Management
- Binding Signature Keys
- Domain Name Management
- VPC Channel Management
- OpenAPI
- Custom Authorizer Management
- Appendix
- Change History
-
Dedicated API Gateway User Guide (Paris Region)
- Service Overview
- Getting Started
- Comparing Versions
- Overview
-
API Management
- Creating an API Group
- Binding a Domain Name
- Creating an Environment Variable
- Creating a Gateway Response
- Creating an API
- CORS
- Debugging an API
- Authorizing API Access
- Publishing an API
- Taking an API Offline
-
Importing and Exorting APIs
- Restrictions and Compatibility
- Importing APIs
- Exporting APIs
-
Extended Definition
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- Viewing APIs
- API Policies
- Credentials
- Monitoring & Analysis
- Gateway Management
- Published API Calling
- Permissions Management
- Auditing
-
FAQs
- Common FAQs
-
API Creation
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App (Credential) FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- API Control Policies
- API Publishing
- API Import and Export
- API Security
- Other FAQs
- Change History
- Dedicated API Gateway Developer Guide (Paris Region)
-
Dedicated API Gateway API Reference (Paris Region)
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- App Management
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
- VPC Channel Management
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (Kuala Lumpur Region)
- General Reference
Copied.
Configuring Gateway Parameters
This section describes how to configure common parameters for a gateway to adjust component functions.
Constraint
Modifying gateway configuration parameters will interrupt services. Do this during off-peak hours or when no service is running.
Configuring Gateway Parameters
- Go to the APIG console.
- In the navigation pane, choose Gateways.
- Click Access Console or the name of the target gateway.
- Click the Parameters tab, and click Modify in the row that contains the target parameter. The configuration parameters vary depending on the gateway edition.
Table 1 Configuration parameters Parameter
Description
ratelimit_api_limits
Default request throttling value applied to all APIs. Default: 200 calls/second. The total number of times an API can be called is determined by this parameter only if no request throttling policy is bound to the API. The Max. API Requests of a request throttling policy cannot exceed the value of this parameter.
request_body_size
Maximum size of the body that can be carried in an API request. The default value is 12 MB. The value ranges from 1 MB to 9,536 MB.
Files can be uploaded using the POST method. Currently, only the request body can be transparently transmitted.
backend_timeout
Backend response timeout. Default: 60,000 ms. Range: 1–600,000 ms.
app_token
Determine whether to enable app_token authentication. Default: disabled. If you enable this function, an access_token can be added to the API request for authentication.
- app_token_expire_time: validity period of an access_token. A new access_token must be obtained before the original access_token expires.
- refresh_token_expire_time: the validity period of a refresh_token. A refresh_token is used to obtain a new access_token.
- app_token_uri: the URI used to obtain an access_token.
- app_token_key: the encryption key of an access token.
app_api_key
Determine whether to enable app_api_key authentication. Default: disabled. If you enable this function, the apikey parameter can be added to the API request to carry the key of a credential for authentication.
app_basic
Determine whether to enable app_basic authentication. Default: disabled. After this option is enabled, users can add the header parameter Authorization and set the parameter value to "Basic + base64 (appkey + : + appsecret)", in which appkey and appsecret are the key and secret of a credential.
app_secret
Determine whether to enable app_secret authentication. Default: disabled. If you enable this function, the X-HW-ID and X-HW-AppKey parameters can be added to the API request to carry the key and secret of a credential for authentication.
app_route
Determine whether to support IP address–based API access. Default: disabled. If you enable this function, APIs in any group except DEFAULT can be called using IP addresses.
backend_client_certificate
Determine whether to enable backend two-way authentication. Default: disabled. If you enable this function, you can configure two-way authentication for a backend when creating an API.
ssl_ciphers
Supported HTTPS cipher suites. By default, all cipher suites are supported. Select cipher suites after you bind independent domain names to an API group.
real_ip_from_xff
Determine whether to use the IP addresses in the X-Forwarded-For header for access control and request throttling. By default, the IP addresses in this header are not used.
xff_index: Sequence number of an IP address in the X-Forwarded-For header. The value can be positive, negative, or 0.
- If the value is 0 or positive, the IP address of the corresponding index in the X-Forwarded-For header will be obtained.
- If the value is negative, the IP address of the indicated reverse sequence in the X-Forwarded-For header will be obtained.
For example, assume that the X-Forwarded-For header of a request received by API gateway contains three IP addresses: IP1, IP2, and IP3. If the value of xff_index is 0, IP1 is obtained. If the value is 1, IP2 is obtained. If the value is –1, IP3 is obtained. If the value is –2, IP2 is obtained.
vpc_name_modifiable
Determine whether load balance channel names can be modified. By default, the names can be modified.
NOTICE:If this option is enabled, load balance channels of the current gateway cannot be managed using project-level load balance channel management APIs.
app_jwt_enable
Determine whether to enable app_jwt authentication. Default: disabled. If you enable this function, the following parameters can be added to API requests to carry the key, secret, and timestamp of a credential for authentication.
- Add the header parameter Timestamp and set the parameter value to the Unix timestamp of the current time in millisecond.
- Add the header parameter Authorization. This parameter can be configured by modifying app_jwt_auth_header. The default value is Authorization. The parameter value is "SHA-256 (appkey + appsecret + timestamp)", in which appkey and appsecret are the credential key and secret and timestamp is the Unix timestamp of the current time in millisecond. The character string encrypted using SHA-256 must be lowercase letters.
- Add the header parameter X-HW-ID and set the parameter value to the credential key.
public_key_enable
Determine whether to enable public_key authentication. Default: disabled. If you enable this option, signature keys of the public_key type can be used for authentication.
public_key_uri_prefix indicates the prefix of the URI used to obtain the secret of public_key. The URI format is as follows: https://{VPC access address}{public_key_uri_prefix}{public_key name}.
custom_auth_header
Determine whether to support custom authentication headers. By default, custom authentication headers are not supported. If you enable this parameter, the initial values of app_auth_header and backend_sign_header are empty, same as when the parameter is disabled.
If you set the Current Value of app_auth_header, the parameter with the same name as this value carries the app authentication information in the request header for APIs that use app authentication. If you set the Current Value of backend_sign_header, the parameter with the same name as this value carries the signature information in the backend request header for APIs bound with an HMAC or Basic Auth signature key policy.
NOTICE:Configuring this parameter will affect all APIs that use app authentication or are bound with an HMAC or Basic Auth signature key policy in the gateway.
gzip
Determine whether to compress responses using gzip to reduce public network traffic. By default, responses are not compressed. The configuration will take effect in 1 minute.
After enabling this parameter, set the compression level parameter comp_level. The greater the value is, the better responses are compressed. Default: 6.
NOTICE:- Use gzip to compress response body larger than 1 KB.
- gzip supports the following file types: text/xml, text/plain, text/css, application/javascript, application/x-javascript, application/rss+xml, text/javascript, image/tiff, image/svg+xml, application/json, and application/xml.
- After enabling gzip compression, you must add request header Accept-Encoding: gzip.
- The gzip configuration can be modified 1 minute after being completed.
custom_log
Whether to enable custom logs. Default: disabled. Once enabled, values of specified parameters will be printed in specified locations of calling logs for all APIs in the gateway.
After this function is enabled, click Modify, and then click Add to add the parameters to print in calling logs.
NOTICE:- Custom logs print only the requests initiated from clients and do not print the constants and system parameters defined in APIG.
- Custom logs can have a maximum of 10 fields, with a total size of not more than 2 KB.
- Some special characters in parameter values will be encoded. For example, the plus sign (+) will be encoded as a space, double quotation marks (") encoded as \x22, and a backslash (\) encoded as \x5C.
sse_strategy
Whether to enable Server-Sent Events (SSE) transmission. It is disabled by default. Once enabled, the responses of APIs are output in streaming mode for character-based rendering.
NOTICE:The sse_strategy configuration can be modified 1 minute after being completed.
vpc_name_modifiable
Whether to enable name modification of the load balance channel. If the load balance channel name is modifiable, the load balance channel of the current gateway cannot be operated through the project-level load balance channel management API.
vpc_health_status
Whether to display the health status of backend instances for load balance channels when the channels' health check is enabled. This parameter is disabled by default.
request_custom_config
Configure client request parameters.
- HTTP/2: Enabled by default. For details, see What Is API Gateway?.
- request_body_timeout: Timeout for client request body. Default: 8s. Modify this parameter if the network condition is poor or the request body is too large.
NOTICE:The client request configuration can be modified 1 minute after being completed.
api_uri_no_escape
Determine whether to escape the path in the API URL. It is disabled by default, indicating that the path in the URL is escaped.
For details about the function of not escaping paths after api_uri_no_escape is enabled, see Table 2.
Table 2 Functions affected if path is not escaped Function
Description
API Frontend Definition Path
Path for Sending a Request
Disabling api_uri_no_escape
Enabling api_uri_no_escape
API definition
Path for APIG to match routes.
/{path}
/aa%2Faa
/aa/aa
/aa%2Faa
Parameter orchestration
Path used by backend service parameters.
-
-
/aa/aa
/aa%2Faa
HTTP-to-HTTPS redirection
Path used for redirection.
-
-
/aa/aa
/aa%2Faa
Backend policies
The policy condition is the path of the request input parameter.
-
-
/aa/aa
/aa%2Faa
Third-party authentication policy
Path transferred to the third-party system after the API is bound to a third-party authentication policy.
-
-
/aa/aa
/aa%2Faa
Kafka log push policy
Request path used after the Kafka log push policy is bound to the API.
-
-
/aa/aa
/aa%2Faa
Load balance channels
Path used by APIG to forward requests when the load balance channel uses the URI hash.
-
-
/aa/aa
/aa%2Faa
FunctionGraph backends
Request path sent to a function when the backend type of the API is FunctionGraph.
-
-
/aa/aa
/aa%2Faa
Custom authentication
Path of the request sent to the function when the API authentication mode is set to Custom.
-
-
/aa/aa
/aa%2Faa
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot