Help Center/ ROMA Connect/ API Reference/ Service Integration APIs/ Binding Signature Keys/ Binding a Signature Key

Updated on 2023-06-29 GMT+08:00

View PDF

Binding a Signature Key

Function

A signature key takes effect only after being bound to an API.

When requesting the backend service, APIC uses the signature key to cryptographically sign requests. The backend service verifies the signature to identify request sources.

This API is used to bind a signature key to one or more published APIs. You can bind different signature keys to an API in different environments, but can bind only one signature key to the API in each environment.

URI

POST /v2/{project_id}/apic/instances/{instance_id}/sign-bindings

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference.
instance_id	Yes	String	Instance ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
sign_id	Yes	String	Cloud server list.
publish_ids	Yes	Array of strings	ID of an API publication record.

Response Parameters

Status code: 201

**Table 4** Response body parameters
Parameter	Type	Description
bindings	Array of SignApiBindingInfo objects	List of binding relationships between APIs and signature keys.

**Table 5** SignApiBindingInfo
Parameter	Type	Description
publish_id	String	API publication ID.
api_id	String	API ID.
group_name	String	API group name.
binding_time	String	Time when the policy is bound to the API.
env_id	String	ID of the environment in which the API was published.
env_name	String	Name of the environment in which the API was published.
api_type	Integer	API type.
api_name	String	API name.
id	String	Binding record ID.
api_remark	String	API description.
sign_id	String	Signature key ID.
sign_name	String	Signature key name, The value contains 3 to 64 characters, including letters, digits, and underscores (_). It must start with a letter.
sign_key	String	Signature key. hmac: The value must start with a letter or digit and can include letters, digits, underscores (_), and hyphens (-) (8 to 32 characters). If not specified, a key is automatically generated. basic: The value must start with a letter and can include letters, digits, underscores (_), and hyphens (-) (4 to 32 characters). If not specified, a key is automatically generated. public_key: The value can start with a letter, digit, plus sign (+), or slash (/), and can include letters, digits, underscores (_), hyphens (-), plus signs (+), and slashes (/) (8 to 512 characters). If not specified, a key is automatically generated. aes: The value contains 16 characters if the aes-128-cfb algorithm is used or 32 characters if the aes-256-cfb algorithm is used. Letters, digits, and special characters (_-!@#$%+/=) are allowed. It must start with a letter, digit, plus sign (+), or slash (/). If not specified, a key is automatically generated.
sign_secret	String	Signature secret. hmac: The value must start with a letter or digit, and can include letters, digits, and special characters (_-!@#$%) (16 to 64 characters). If not specified, a key is automatically generated. basic: The value must start with a letter or digit, and can include letters, digits, and special characters (_-!@#$%) (8 to 64 characters). If not specified, a key is automatically generated. public_key: The value can start with a letter, digit, plus sign (+), or slash (/), and can include letters, digits, and special characters (_-!@#$%+/=) (15 to 2048 characters). If not specified, a key is automatically generated. aes: The value contains 16 characters, including letters, digits, and special characters (_-!@#$%+/=). It must start with a letter, digit, plus sign (+), or slash (/). If not specified, a key is automatically generated.
sign_type	String	Signature key type: hmac basic public_key aes To use a basic signature key, ensure that your instance version supports it. Contact technical support to upgrade your instance if needed. To use a public_key signature key, ensure that the public_key feature has been configured for your instance. For details, see "Appendix" > "APIC Features Supported by ROMA Connect Instances". If your instance does not support this feature, contact technical support to enable it. To use an AES signature key, ensure that your instance version supports it. Contact technical support to upgrade your instance if needed.

Status code: 400

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 401

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 403

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 404

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Status code: 500

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error description.

Example Requests

{
  "sign_id" : "0b0e8f456b8742218af75f945307173c",
  "publish_ids" : [ "40e7162dc6b94bbbbb1a60d2a24b1b0c" ]
}

Example Responses

Status code: 201

Created

{
  "bindings" : [ {
    "api_id" : "5f918d104dc84480a75166ba99efff21",
    "sign_secret" : "dc02fc5f30714d6bb21888389419e2b3",
    "group_name" : "api_group_001",
    "sign_id" : "0b0e8f456b8742218af75f945307173c",
    "sign_key" : "a071a20d460a4f639a636c3d7e3d8163",
    "binding_time" : "2020-08-03T04:00:11.638167852Z",
    "env_id" : "DEFAULT_ENVIRONMENT_RELEASE_ID",
    "env_name" : "RELEASE",
    "sign_name" : "signature_demo",
    "api_type" : 1,
    "api_name" : "Api_http",
    "id" : "25082bd52f74442bb1d273993d567938",
    "api_remark" : "Web backend Api",
    "publish_id" : "66a645f1d6294fa6899cb1ed1c51bc4c",
    "sign_type" : "hmac"
  } ]
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.2012",
  "error_msg" : "Invalid parameter value,parameterName:sign_id. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3017",
  "error_msg" : "Signature key 0b0e8f456b8742218af75f945307173c does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code	Description
201	Created
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: Binding Signature Keys

Previous topic: Binding Signature Keys

Next topic: Unbinding a Signature Key

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot