El contenido no se encuentra disponible en el idioma seleccionado. Estamos trabajando continuamente para agregar más idiomas. Gracias por su apoyo.
ROMA Connect
ROMA Connect
- What's New
- Function Overview
- Service Overview
- Billing
- Getting Started
-
User Guide
- Usage Process
- Instances
- Integration Application Management
-
Data Source Management
- Data Sources Supported by ROMA Connect
- Connecting to an API Data Source
- Connecting to an ActiveMQ Data Source
- Connecting to an ArtemisMQ Data Source
- Connecting to a DB2 Data Source
- Connecting to a DIS Data Source
- Connecting to a DWS Data Source
- Connecting to the DM Data Source
- Connecting to a Gauss100 Data Source
- Connecting to an FTP Data Source
- Connecting to an HL7 Data Source
- Connecting to a HANA Data Source
- Connecting to a HIVE Data Source
- Connecting to an LDAP Data Source
- Connecting to an IBM MQ Data Source
- Connecting to a Kafka Data Source
- Connecting to a MySQL Data Source
- Connecting to a MongoDB Data Source
- Connecting to an MQS Data Source
- Connecting to an MRS Hive Data Source
- Connecting to an MRS HDFS Data Source
- Connecting to an MRS HBase Data Source
- Connecting to an MRS Kafka Data Source
- Connecting to an OBS Data Source
- Connecting to an Oracle Data Source
- Connecting to a PostgreSQL Data Source
- Connecting to a Redis Data Source
- Connecting to a RabbitMQ Data Source
- Connecting to a RocketMQ Data Source
- Connecting to an SAP Data Source
- Connecting to an SNMP Data Source
- Connecting to a SQL Server Data Source
- Connecting to a GaussDB(for MySQL) Data Source
- Connecting to a WebSocket Data Source
- Connecting to a Custom Data Source
- Data Integration Guide
-
Service Integration Guide
- Usage Introduction
- Exposing an API
- Exposing a Function API
- Exposing a Data API
- Calling an API
- Managing APIs
- Managing Custom Backends
- Configuring API Control Policies
- Configuring API Plug-in Policies
- Configuring a Custom Authorizer
- Configuring Signature Verification for Backend Services
- Configuring API Cascading
-
Service Integration Guide (Old Edition)
- Usage Introduction
- Exposing APIs
- Creating and Exposing Data APIs
- Creating and Exposing Function APIs
- Calling an API
- Managing APIs
- Managing Custom Backends
- Managing Control Policies
- Managing Plug-ins
- Configuring a Custom Authorizer
- Configuring Signature Verification for Backend Services
- Configuring API Cascading
- Message Integration Guide
- Device Integration Guide
- Increasing Resource Quota
- Audit Logs
- Monitoring Metrics
- Permissions
- User Guide(new)
-
Best Practices
- Digital Reconstruction of Traditional Parking Lot Management Systems
- Sharing Enterprise Data Using APIs
- Integrating and Converting Service Data Across Systems
- Building an Enterprise Service Open Platform
- Developing a Custom Authorizer with a Custom Backend
- Avoiding MQS Message Accumulation
- Synchronizing Data from MySQL to Oracle as Scheduled
-
Developer Guide
- Developer Guide for Data Integration
-
Developer Guide for Service Integration
- Overview
- Developing API Calling Authentication (App)
- Developing API Calling Authentication (IAM)
-
Developing Custom Function Backends
- Overview
- AesUtils
- APIConnectResponse
- Base64Utils
- CacheUtils
- CipherUtils
- ConnectionConfig
- DataSourceClient
- DataSourceConfig
- ExchangeConfig
- HttpClient
- HttpConfig
- JedisConfig
- JSON2XMLHelper
- JSONHelper
- JsonUtils
- JWTUtils
- KafkaConsumer
- KafkaProducer
- KafkaConfig
- MD5Encoder
- Md5Utils
- QueueConfig
- RabbitMqConfig
- RabbitMqProducer
- RedisClient
- RomaWebConfig
- RSAUtils
- SapRfcClient
- SapRfcConfig
- SoapClient
- SoapConfig
- StringUtils
- TextUtils
- XmlUtils
- Developing Custom Data Backends
- Developing Signature Verification for Backend Services
- Developer Guide for Message Integration
-
Developer Guide for Device Integration
- Overview
- Preparations
- Configuring Device Integration
-
MQTT Topic Specifications
- Before You Start
- Gateway Login
- Adding a Gateway Subdevice
- Response for Adding a Gateway Subdevice
- Updating the Gateway Subdevice Status
- Response for Updating the Gateway Subdevice Status
- Deleting a Gateway Subdevice
- Querying Gateway Information
- Response for Querying Gateway Information
- Delivering a Command to a Device
- Response for Delivering a Command to a Device
- Reporting Device Data
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
Public Resource APIs
-
Application Management
- Verifying the Existence of an Application
- Querying Applications
- Creating an Application
- Querying Application Details
- Updating an Application
- Deleting an Application
- Querying an Application Secret
- Resetting an Application Secret
- Querying Application Members
- Setting Application Members
- Querying Candidate Members
- Asset Management
- Dictionary Management
- Public Management
- Instance Management
-
Application Management
-
Data Integration APIs
- Data Source Management
- Task Monitoring and Management
-
Task Management
- Creating a Common Task
- Querying a Task List
- Counting the number of tasks of different types and states
- Updating a Common Job
- Querying Information About a Specified Task
- Deleting a Task
- Manually Triggering a Single Task
- Manually Stopping the Current Task
- Creating a Schedule
- Querying a Schedule
- Modifying a Scheduling
- Starting or Stopping Tasks in Batches
- Creating a Composite Task
- Initializing the Combined Task
- Modifying a Combined Task
- Resetting the Progress of the Combined Task
- Creating Combined Task Mappings
- Deleting the Specified Task Mapping
-
Service Integration APIs
- Instance Management
- API Group Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying Details of an API
- Querying APIs
- Publishing APIs or Taking APIs Offline in Batches
- Debugging an API
- Switching API Versions
- Querying Details of an API Version
- Taking an API Version Offline
- Querying Historical Versions of an API
- Querying the Runtime Definition of an API
- Verifying the API Definition
- Environment Management
- Environment Variable Management
- Domain Name Management
- Request Throttling Policy Management
- Binding a Request Throttling Policy to an API
- Excluded Request Throttling Configuration
- Signature Key Management
- Binding Signature Keys
- Access Control Policy Management
- Binding Access Control Policies
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying Details of a VPC Channel
- Querying VPC Channels
- Adding or Updating Backend Servers
- Querying Backend Servers of a VPC Channel
- Updating a Backend Instance
- Deleting a Backend Server
- Enabling Backend Servers in Batches
- Disabling Backend Servers in Batches
- Modifying VPC Channel Health Checks
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying the List of Backend Cloud Service Groups of a VPC Channel
- Viewing Details About a Backend Server Group of a VPC Channel
- Deleting a VPC Backend Server Group
- Updating a Backend Server Group of a VPC Channel
-
Client Configuration
- Querying Apps
- Querying Details of an App
- Creating an AppCode
- Generating an AppCode
- Querying AppCodes of an App
- Querying Details of an AppCode
- Deleting an AppCode
- Querying Application Quotas Associated with an Application Quota
- Configuring Access Control for an App
- Querying Details About App Access Control
- Deleting Access Control for an App
-
Client Quotas
- Creating a client quota.
- Modifying a Client Quota
- Delete a Client Quota
- Querying Details of a Client Quota
- Querying Client Quotas
- Binding Client Applications to a Client Quota
- Unbinding Client Applications from a Client Quota
- Querying Client Applications Bound to a Client Quota
- Querying Client Applications Available for Being Bound to a Client Quota
- Application Authorization Management
-
Custom Backend Management
- Creating a Backend API
- Modifying a Backend API
- Deleting a Backend API
- Querying Details of a Backend API
- Querying Backend APIs
- Creating a Backend API Script
- Testing a Backend API
- Querying the Backend API Test Result
- Deploying a Backend API
- Querying the Deployment History of a Backend API
- Canceling Deployment of a Backend API
- Verifying the Definition of a Custom Backend API
- Querying the Quota of a Custom Backend Service
- Querying Data Sources of a Custom Backend Service
- Custom Authorizer Management
- Querying Metrics
- Instance Feature Management
- Tag Management
- Configuration Management
- Application Configuration Management
- VPC Channel Management - Project-Level
-
SSL Certificate Management
- Obtaining SSL Certificates
- Create an SSL certificate.
- Binding a Domain Name to an SSL Certificate
- Unbinding a Domain Name from an SSL Certificate
- Viewing Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL certificate
- Binding an SSL Certificate with a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Obtaining Domain Names Bound to an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying a Plug-in
- Querying Plug-in Details
- Binding a Plug-in to an API
- Binding a Plug-in to an API
- Unbinding a Plug-in from an API
- Unbinding a Plug-in from an API
- Querying APIs Bound with a Plug-in
- Querying Plug-ins bound to an API
- Querying APIs that Can Be Bound to a Plug-in
- Querying Plug-ins that Can Be Bound to the Current API
- Message Integration APIs
-
Device Integration APIs
- Device Group Management
-
Device Management
- Creating a Device
- Querying Devices
- Bringing Devices Offline in Batches
- Deleting a Device
- Querying Device Details
- Modifying a Device
- Querying Device Topics
- Adding a Subdevice to the Gateway
- Querying Subdevices
- Querying a Device Shadow
- Resetting Device Authentication Information
- Querying Device Authentication Information
- Sending Commands
- Subscription Management
- Product Template Management
-
Product Management
- Creating a Product
- Querying Products
- Querying the Number of Devices in a Product
- Deleting a Product
- Querying Product Details
- Modifying Product Information
- Adding a Product Topic
- Querying Product Topics
- Deleting a Product Topic
- Modifying a Product Topic
- Resetting Product Authentication Information
- Querying Product Authentication Information
- Importing Products
- Exporting Products
- Rule Engine
-
Service Management
- Creating a Service
- Querying Services
- Deleting a Service
- Querying Service Details
- Modifying a Service
- Creating an Attribute
- Querying Attributes
- Creating a Command
- Querying Commands
- Deleting a Command
- Querying Command Details
- Modifying a Command
- Creating a Request Attribute
- Querying Request Attributes
- Deleting a Request Attribute
- Modifying a Request Attribute
- Creating a Response Attribute
- Querying Response Attributes
- Deleting a Response Attribute
- Querying Response Attributes
- Modifying a Response Attribute
- Example Applications
- Permissions Policies and Supported Actions
- Appendix
-
Out-of-Date APIs
-
APIC APIs (V1)
- API Group Management (V1)
- API Management (V1)
-
Custom Backend Management (V1)
- Querying Backend APIs
- Creating a Backend API
- Querying Details of a Backend API
- Modifying a Backend API
- Deleting a Backend API
- Querying the Backend API Test Result
- Querying the Deployment History of a Backend API
- Deploying a Backend API
- Testing a Backend API
- Canceling Deployment of a Backend API
- Creating a Backend API Script
- Application Authorization Management (V1)
- Custom Authorizer Management (V1)
- Device Integration APIs (V1)
-
APIC APIs (V1)
- Change History
- SDK Reference
-
FAQs
- Instance Management
-
Data Integration
-
Common Data Integration Tasks
- Which Types of Data Are Supported by FDI Databases?
- What Is a Trace Number? Can Data Be Traced by Using a Trace Number?
- Can I Clear the Destination Tables of an FDI Task?
- Can a Task Collect Data from One Table to Another Table?
- Is the FDI Task Created by One User Visible to Another User Under the Same Account?
- How Do I Configure FDI to Connect to MRS Hive of Other Tenants Through a Public Network?
- Will Collected Data Be Updated After a File Is Parsed from OBS to the RDS Database?
- Why Are the Column Values Incorrect When the CSV File on the Source OBS Is Parsed to the Relational Database?
- Can Data Be Integrated into the Destination When the Data Types of Source and Destination Fields of MRS Hive Do Not Match?
- Is the Mapping Between MRS Hive or MRS HBase and MongoDB Case-sensitive When It Is Manually Entered?
- Does MRS Hive Support Partitioning?
- How Do I Set the Custom Period for the API Data Source at the Source?
- Does SAP Support Reading Views by Page?
- Composite Data Integration Tasks
-
Common Data Integration Tasks
-
Service Integration
- Does APIC Support Multiple Backend Endpoints?
- How Do I Perform App Authentication in iOS System?
- How Can I Ensure the Security of Backend Services Invoked by APIC?
- Do I Need to Publish an API Again After Modification?
- What Can I Do If an API Published in a Non-RELEASE Environment Is Inaccessible?
- Can I Invoke Different Backend Services by Publishing an API in Different Environments?
- Can Applications Deployed in a VPC Call APIs?
- What Is the Maximum Size of an API Request Packet?
- Can I Modify a Deployed Custom Backend?
- How Does APIC Throttle Requests?
- What Are the Causes of an API Calling Failure?
- Message Integration
- Device Integration
-
Troubleshooting
-
Common Data Integration Tasks
- Garbled Characters Are Displayed When Data Is Written to MRS Hive at the Destination
- All Data Is Written to the First Field of MRS Hive
- An Error Message Is Displayed at the Destination Indicating Task Execution Times Out
- Error Message "could only be written to 0 of the 1 minReplication nodes. There are 2 datanode(s) running and 2 node(s) are excluded in this operation" Is Reported at the Destination During Data Integration from MySQL to MRS Hive
- Error Message "Illegal mix of collations for operation 'UNION'" Is Displayed at the Source Database During MySQL-to-MySQL Data Integration
- Data May Be Lost When Incremental Data Collection Is Performed from the Source MySQL on an Hourly Basis
- Error Message "401 unauthorized" Is Displayed at the Source During API-to-MySQL Data Integration
- Error Message "cannot find record mapping field" Is Displayed at the Destination During Kafka-to-MySQL Data Integration
- Error Message "connect timeout" Is Displayed at the Source During Scheduled API-to-MySQL Data Integration
- FDI Fails to Obtain Data During Real-Time Kafka-to-MySQL Data Integration Although Data Exists in MQS Topics
- Value of the Source Field of the tinyint(1) Type Is Changed from 2 to 1 at the Destination During Scheduled MySQL-to-MySQL Data Integration
- "The task executes failed.Writer data to kafka failed" Is Reported When the Kafka Destination Is Used over the Public Network
-
Composite Data Integration Tasks
- Data Fails to Be Written Because the RowId Field Type Is Incorrectly Configured in the Destination Table
- Error Message "binlog probably contains events generated with statement or mixed based replication forma" Is Displayed When the Binlog of the MySQL Database Is Read
- Data Still Fails to Be Written After an FDI Task Failure Is Rectified
- Camel Fails to Access the Database Because Table Names Contain Garbled Characters
- Inserted Data Violates the Non-null Constraint
- FDI Task Fails to Be Executed Because DWS Changes to the Read-only State
- Data Write to DWS Becomes Slower
- Data Sources
-
Service Integration
- Backend Service Fails to Be Invoked
- Error Message "No backend available" Is Displayed When an API Is Called
- Error Message "The API does not exist or has not been published in an environment" Is Displayed When an API Is Called Using JavaScript
- Common Errors Related to IAM Authentication Information
- A Message Is Displayed Indicating that the Certificate Chain Is Incomplete When You Add a Certificate
- Device Integration
-
Common Data Integration Tasks
- Videos
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
- Getting Started
- Instances
- Integration Application Management
- Data Integration Guide
- Service Integration Guide
- Message Integration Guide
- Device Integration Guide
-
Data Source Management
- Data Sources Supported by ROMA Connect
- Connecting to an API Data Source
- Connecting to an ActiveMQ Data Source
- Connecting to an ArtemisMQ Data Source
- Connecting to a DB2 Data Source
- Connecting to a DIS Data Source
- Connecting to a DWS Data Source
- Connecting to a GaussDB 100 Data Source
- Connecting to a GaussDB 200 Data Source
- Connecting to an FTP Data Source
- Connecting to an FI HDFS Data Source
- Connecting to an FI Hive Data Source
- Connecting to an FI Kafka Data Source
- Connecting to an HL7 Data Source
- Connecting to a HANA Data Source
- Connecting to a HIVE Data Source
- Connecting to an LDAP Data Source
- Connecting to an IBM MQ Data Source
- Connecting to a Kafka Data Source
- Connecting to a MySQL Data Source
- Connecting to a MongoDB Data Source
- Connecting to an MRS Hive Data Source
- Connecting to an MRS HDFS Data Source
- Connecting to an MRS HBase Data Source
- Connecting to an MRS Kafka Data Source
- Connecting to an OBS Data Source
- Connecting to an Oracle Data Source
- Connecting to a PostgreSQL Data Source
- Connecting to a Redis Data Source
- Connecting to a RabbitMQ Data Source
- Connecting to an SAP Data Source
- Connecting to an SNMP Data Source
- Connecting to a SQL Server Data Source
- Connecting to a TaurusDB Data Source
- Connecting to a WebSocket Data Source
- Connecting to a Custom Data Source
- Asset Management
-
FAQs
- Common Operations
-
Data Integration Tasks
- Which Types of Data Are Supported by FDI Databases?
- What Is a Trace Number? Can Data Be Traced by Using a Trace Number?
- Does an FDI Task Support Clearance of a Destination Table?
- Can a Task Collect Data from One Table to Another Table?
- Is the FDI Task Created by One User Visible to Another User Under the Same Account?
- How Do I Configure FDI to Connect to MRS Hive of Other Tenants Through a Public Network?
- Will Collected Data Be Updated After a File Is Parsed from OBS to the RDS Database?
- Why Are the Column Values Incorrect When the CSV File on the Source OBS Is Parsed to the Relational Database?
- Can Data Be Integrated into the Destination When the Data Types of Source and Destination Fields of MRS Hive Do Not Match?
- Is the Mapping Between MRS Hive or MRS HBase and MongoDB Case-sensitive When It Is Manually Entered?
- Does MRS Hive Support Partitioning?
- How Can I Configure the Time for Triggering a Scheduled Task of FDI?
- How Do I Set the Custom Period for the API Data Source at the Source?
- Composite Data Integration Tasks
-
Service Integration
- Which Languages Does APIC Support for SDKs?
- Does APIC Support Multiple Backend Endpoints?
- Which Error Codes Will Be Displayed When I Use APIC?
- How Can I Ensure the Security of Backend Services Invoked by APIC?
- Do I Need to Publish an API Again After Modification?
- What Can I Do If an API Published in a Non-RELEASE Environment Is Inaccessible?
- Can I Invoke Different Backend Services by Publishing an API in Different Environments?
- What Is the Maximum Size of an API Request Package?
- Can I Modify an API After It Is Deployed on the Custom Backend?
- How Does APIC Throttle Requests?
- What Are the Causes of an API Calling Failure?
- Can I Call an API If the API Is Not Bound to an EIP?
- Which Data Sources Does APIC Support?
- Message Integration
- Device Integration
-
Troubleshooting
-
Common Data Integration Tasks
- Garbled Characters Are Displayed When Data Is Written to MRS Hive at the Destination
- All Data Is Written to the First Field of MRS Hive
- An Error Message Is Displayed at the Destination Indicating Task Execution Times Out
- Error Message "could only be written to 0 of the 1 minReplication nodes. There are 2 datanode(s) running and 2 node(s) are excluded in this operation" Is Reported at the Destination During Data Integration from MySQL to MRS Hive
- Error Message "Illegal mix of collations for operation 'UNION'" Is Displayed at the Source Database During MySQL-to-MySQL Data Integration
- Data May Be Lost When Incremental Data Collection Is Performed from the Source MySQL on an Hourly Basis
- Error Message "401 unauthorized" Is Displayed at the Source During API-to-MySQL Data Integration
- Error Message "cannot find record mapping field" Is Displayed at the Destination During Kafka-to-MySQL Data Integration
- Error Message "connect timeout" Is Displayed at the Source During Scheduled API-to-MySQL Data Integration
- FDI Fails to Obtain Data During Real-Time Kafka-to-MySQL Data Integration Although Data Exists in MQS Topics
- Value of the Source Field of the tinyint(1) Type Is Changed from 2 to 1 at the Destination During Scheduled MySQL-to-MySQL Data Integration
-
Composite Data Integration Tasks
- Data Fails to Be Written Because the RowId Field Type Is Incorrectly Configured in the Destination Table
- Error Message "binlog probably contains events generated with statement or mixed based replication forma" Is Displayed When the Binlog of the MySQL Database Is Read
- Data Still Fails to Be Written After an FDI Task Failure Is Rectified
- Camel Fails to Access the Database Because Table Names Contain Garbled Characters
- Inserted Data Violates the Non-null Constraint
- FDI Task Fails to Be Executed Because DWS Changes to the read-only State
- Speed of Writing Data to DWS Becomes Slower
- Data Sources
- Service Integration
- Device Integration
-
Common Data Integration Tasks
-
Developer Guide (ME-Abu Dhabi Region)
-
Developer Guide for Service Integration
- How Do I Choose an Authentication Mode
- Using App Authentication to Call APIs
- Using IAM Authentication to Call APIs
- Signing Backend Services
-
Developing Function APIs
- Function API Script Compilation Guide
- APIConnectResponse
- Base64Utils
- CacheUtils
- CipherUtils
- ConnectionConfig
- DataSourceClient
- DataSourceConfig
- ExchangeConfig
- HttpClient
- HttpConfig
- JedisConfig
- JSON2XMLHelper
- JSONHelper
- JsonUtils
- JWTUtils
- KafkaConsumer
- KafkaProducer
- KafkaConfig
- MD5Encoder
- Md5Utils
- ObjectUtils
- QueueConfig
- RabbitMqConfig
- RabbitMqProducer
- RedisClient
- RomaWebConfig
- RSAUtils
- SapRfcClient
- SapRfcConfig
- SoapClient
- SoapConfig
- StringUtils
- TextUtils
- XmlUtils
- Developing Data API Statements
-
Developer Guide for Message Integration
- Overview and Network Environment Preparation
- Collecting Connection Information
-
Connecting to MQS in Client Mode
- Recommendations for Client Usage
- Setting Parameters for Clients
- Setting Up the Java Development Environment
- Configuring Kafka Clients in Java
- Configuring Kafka Clients in Python
- Configuring Kafka Clients in Other Languages
- Appendix: Methods for Improving the Message Processing Efficiency
- Appendix: Restrictions on Spring Kafka Interconnection
- Connecting to MQS Using RESTful APIs
-
Developer Guide for Device Integration
- Device Integration Development
-
MQTT Topic Specifications
- Before You Start
- Gateway Login
- Adding a Gateway Subdevice
- Response for Adding a Gateway Subdevice
- Updating the Gateway Subdevice Status
- Response for Updating the Gateway Subdevice Status
- Deleting a Gateway Subdevice
- Querying Gateway Information
- Response for Querying Gateway Information
- Delivering a Command to a Device
- Response for Delivering a Command to a Device
- Reporting Device Data
-
Developer Guide for Service Integration
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- Calling APIs
-
Public Resource APIs
-
Application Management
- Verifying the Existence of an Application
- Querying Applications
- Creating an Application
- Querying Application Details
- Updating an Application
- Deleting an Application
- Querying an Application Secret
- Resetting an Application Secret
- Querying Application Members
- Setting Application Members
- Querying Candidate Members
- Asset Management
- Dictionary Management
- Public Management
-
Application Management
-
APIC APIs
- Instance Management
- API Group Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying Details of an API
- Querying APIs
- Publishing APIs or Taking APIs Offline in Batches
- Debugging an API
- Switching API Versions
- Querying Details of an API Version
- Taking an API Version Offline
- Querying Historical Versions of an API
- Querying the Runtime Definition of an API
- Verifying the API Definition
- Environment Management
- Environment Variable Management
- Domain Name Management
- Request Throttling Policy Management
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- Signature Key Management
- Binding/Unbinding Signature Keys
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- API Import and Export
- VPC Channel Management
-
Client Configuration
- Querying Apps
- Querying Details of an App
- Creating an AppCode
- Generating an AppCode
- Querying AppCodes of an App
- Querying Details of an AppCode
- Deleting an AppCode
- Querying Application Quotas Associated with an Application Quota
- Configuring Access Control for an App
- Querying Details About App Access Control
- Deleting Access Control for an App
-
Client Quota
- This API is used to create a client quota.
- Modifying a Client Quota
- Delete a Client Quota
- Querying Details of a Client Quota
- Querying Client Quotas
- Binding Client Applications to a Client Quota
- Unbinding Client Applications from a Client Quota
- Querying Client Applications Bound to a Client Quota
- Querying Client Applications Available for Being Bound to a Client Quota
- App Authorization Management
-
Custom Backend Management
- Creating a Backend API
- Modifying a Backend API
- Deleting a Backend API
- Querying Details of a Backend API
- Querying Backend APIs
- Creating a Backend API Script
- Testing a Backend API
- Querying the Backend API Test Result
- Deploying a Backend API
- Querying the Deployment History of a Backend API
- Canceling Deployment of a Backend API
- Verifying the Definition of a Custom Backend API
- Querying the Quota of a Custom Backend Service
- Querying Data Sources of a Custom Backend Service
- Custom Authorizer Management
- Monitoring Information Query
- Instance Feature Management
- Tag Management
- Configuration Management
- Application Configuration Management
- MQS APIs
-
Device Integration APIs
- Device Group Management
-
Device Management
- Creating a Device
- Querying Devices
- Bringing Devices Offline in Batches
- Deleting a Device
- Querying Device Details
- Modifying a Device
- Querying Device Topics
- Adding a Subdevice to the Gateway
- Querying Subdevices
- Querying a Device Shadow
- Resetting Device Authentication Information
- Querying Device Authentication Information
- Sending Commands
- Product Template Management
-
Product Management
- Creating a Product
- Querying Products
- Querying the Number of Devices in a Product
- Deleting a Product
- Querying Product Details
- Modifying Product Information
- Adding a Product Topic
- Querying Product Topics
- Deleting a Product Topic
- Modifying a Product Topic
- Resetting Product Authentication Information
- Querying Product Authentication Information
- Importing Products
- Exporting Products
- Rule Engine
-
Service Management
- Creating a Service
- Querying Services
- Deleting a Service
- Querying Service Details
- Modifying a Service
- Creating an Attribute
- Querying Attributes
- Creating a Command
- Querying Commands
- Deleting a Command
- Querying Command Details
- Modifying a Command
- Creating a Request Attribute
- Querying Request Attributes
- Deleting a Request Attribute
- Modifying a Request Attribute
- Creating a Response Attribute
- Querying Response Attributes
- Deleting a Response Attribute
- Querying Response Attributes
- Modifying a Response Attribute
- Appendix
-
User Guide (ME-Abu Dhabi Region)
- General Reference
On this page
Help Center/
ROMA Connect/
User Guide/
Service Integration Guide/
Configuring API Plug-in Policies/
Configuring A Third-Party Authorizer
Copied.
Configuring A Third-Party Authorizer
ROMA Connect provides flexible extension capabilities for APIs through plug-in policies. Third-party authentication policies call third-party authentication services to authenticate API access. When a user calls an API, ROMA Connect calls the third-party authentication service first and then the backend service if the authentication is successful.
Plug-in policies and APIs are independent of each other. A plug-in policy takes effect for an API only after it is bound to the API. When binding a plug-in policy to an API, you must specify an environment where the API has been published. The plug-in policy takes effect for the API only in the specified environment.
Constraints
When a user calls an API bound to a third-party authentication policy, the API performs its own authentication and then the third-party authentication.
Creating a Third-Party Authorizer
- Log in to the ROMA Connect console. On the Instances page, click View Console of an instance.
- In the navigation pane on the left, choose API Connect > API Policies. On the Policies tab, click Create Policy.
- In the Select Policy Type box, select Third-Party Authorizer in the Plug-ins area.
- On the page displayed, configure plug-in policy information.
Table 1 Policy configuration Parameter
Description
Name
Enter a policy name. Using naming rules facilitates future search.
Type
The value is fixed as Third-Party Authorizer.
Scope
Specify the scope to view the policy.
- Integration application: Each policy belongs to an integration application. Only users who have permission on the integration application can view and use the policy.
- All: All users in the current instance can view and use the policy.
Integration Application
Mandatory when Scope is set to Integration Application.
Select an integration application for the policy. If none is available, click Create Integration Application on the right to create one.
Description
Describe the policy.
Policy Content: Configure the policy in a form or script. For details about how to configure a script, see Script Configuration Example.
Load Balance Channel
Whether to access the third-party authentication service via a load balance channel. If you want to select Configure, create a load balance channel in advance.
Backend URL
Configure the URL of the third-party authentication service.
- Method: Select the request method of the third-party authentication service.
- Protocol: Select the request protocol of the third-party authentication service. HTTPS is recommended for transmitting important or sensitive data.
- Backend Address: Mandatory when Load Balance Channel is set to Skip. Enter the access address of the third-party authentication service in the format of Host:Port. Host indicates the IP address or domain name for accessing the third-party authentication service. If no port is specified, port 80 is for HTTP and port 443 is for HTTPS by default.
- Load Balance Channel: Mandatory when Load Balance Channel is set to Configure. Select a load balance channel for accessing the third-party authentication service.
- Path: Enter the request path of the third-party authentication service, for example, /auth.
Timeout (ms)
Enter the timeout interval of a third-party authentication service request. The default value is 5000.
Host Header
Available when Load Balance Channel is set to Configure.
Define the host header field carried in the third-party authentication service request.
Brute Force Threshold
IP addresses whose number of attempts to access APIs by third-party authentication within 5 minutes exceeds this threshold will be blocked. They will be unblocked after the current statistical period.
For example, if an IP address has failed the third-party authentication more than the configured threshold in the third minute of a statistical period, the address is blocked, and will be unblocked after 2 minutes.
Identity Sources
Add the header and query parameters in the original API request used for third-party authentication. If not specified, all header and query parameters in the original API request will be used.
Relaxed Mode
When this option is enabled, ROMA Connect accepts client requests even if the third-party authentication service cannot be connected or returns an error code starting with "5".
Allow Original Request Body
When this option is enabled, the original API request body is used to call the third-party authentication service.
Request Body Size (bytes)
Available only when Allow Original Request Body is enabled.
Size of the request body for calling the third-party authentication service. It cannot exceed the maximum size allowed by the instance. Check out the value of request_body_size in configuration parameters.
Allow Original Request Path
When this option is enabled, the original API request path is added to the end of the third-party authentication request path before the third-party authentication service is invoked.
Return Response
When this option is enabled, the authentication response is returned on failure.
Allowed Response Headers
Headers to obtain from the authentication response and send to the backend service with the original request, when the authentication is successful.
Simple Authentication
When this option is enabled, status codes starting with "2" indicate successful authentication.
Authentication Result
Available only when Simple Authentication is disabled.
Verifies the response header returned by the third-party authentication service. If the response header contains the configured parameter and the corresponding values are the same, the authentication is successful.
Blacklist/Whitelist
When this option is enabled, if the original API request matches the blacklist rule, third-party authentication is performed. If the original API request matches the whitelist rule, third-party authentication is not performed.
Type
Mandatory when Blacklist/Whitelist is enabled.
- Whitelist: API requests matching the whitelist rules do not require third-party authentication.
- Blacklist: API requests matching the blacklist rules require third-party authentication.
Parameters
Available only when Blacklist/Whitelist is enabled.
Define the parameters for rule matching. Click Add Parameter to add rule parameters.
NOTE:
For security purposes, do not include sensitive information in these parameters.
- Parameter Location: position of a parameter in an API request.
- path: API request URI. This parameter is configured by default.
- method: API request method. This parameter is configured by default.
- header: first value of the header parameter in an API request.
- query: first value of the query parameter in an API request.
- system: a system parameter.
- Parameter: name of a parameter used for rule matching.
Rules
Available only when Blacklist/Whitelist is enabled.
Customize matching rules for the blacklist or whitelist. Click Add Rule to add rules. The system matches rules from top to bottom.
NOTE:
For security purposes, do not include sensitive information in these parameters.
Rules: Click
to edit the condition expressions. If there are three or more expressions, you can layer them by clicking Set Lower Level.
- =: equal to
- !=: not equal to
- pattern: regular expression
- enum: enumerated values, separated by comma (,)
- Click OK.
After a plug-in policy is created, bind a plug-in policy to an API for the policy to take effect on the API.
Binding a Plug-in Policy to an API
- On the Policies tab, filter policies by Third-Party Authorizer.
- Click the name of a policy to go to the details page.
- On the APIs tab, select the environment of the APIs you want to bind the policy to and click Bind to APIs.
- On the page displayed, select the APIs to bind the policy to.
- Click OK.
Script Configuration Example
{
"auth_request": {
"method": "GET",
"protocol": "HTTPS",
"url_domain": "10.10.10.10",
"timeout": 5000,
"path": "/auth",
"vpc_channel_enabled": false,
"vpc_channel_info": null
},
"custom_forbid_limit": 100,
"carry_body": {
"enabled": true,
"max_body_size": 1000
},
"auth_downgrade_enabled": true,
"carry_path_enabled": true,
"return_resp_body_enabled": false,
"carry_resp_headers": [],
"simple_auth_mode_enabled": true,
"match_auth": null,
"rule_enabled": false,
"rule_type": "allow"
}
Parent topic: Configuring API Plug-in Policies
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
