Basic Configuration

Procedure

Sign in to Huawei Cloud as a partner. On the top navigation bar, select Support > Open APIs.
Click the Configure icon in the flowchart to switch to the Configure page.

Set the parameters based on Table 1. After the configuration is complete, click OK.

**Table 1** Parameter descriptions
Parameter	Description
Basic Information
IDP metadata file (enterprise identity provider metadata file)	Indicates the IDP Metadata file in .xml format generated by the partner sales platform according to the SAML protocol standards. The file must be in the .xml format, and its size cannot exceed 2 MB. For details about how to generate the IDP metadata file, see Generating the IDP Metadata File.
Notification URL	Indicates the callback address provided by the partner sales platform for receiving the association result. Using an address in HTTPS is recommended. For details, see Association Result Notification API.
Upload Photos of Handheld ID Cards Required for Real-Name Authentication
If a partner's customers buy products from HUAWEI CLOUD Chinese mainland website and want to perform real-name authentication, customers need to upload pictures of the certificates for HUAWEI CLOUD to read to complete the real-name authentication. For details about how to upload the attachment for real-name authentication, see How Do I Upload the Attachment for Real-Name Authentication?
File Subscription After you subscribe to the partner bill (customer consumption details), you can rate your customers, and your sales platform will generate the customer bills based on this bill and then you can perform reconciliation with HUAWEI CLOUD. You can subscribe to customer resource usage details and view resource usage details of all your customers or a specified customer on the partner sales platform. Customers can view their own resource usage details on the partner sales platform.

Specify bucket information if you have enabled the real-name authentication or file subscription.

Click to enlarge

**Table 2** Bucket parameters
Parameter	Description
AK	Indicates the Access Key ID (AK) which is used when the partner sales platform accesses the OBS client or SDK. For details about how to obtain the AK, see Obtaining an AK/SK.
SK	Indicates the Secret Access Key (SK) which is used when the partner sales platform accesses the OBS client or SDK. For details about how to obtain the SK, see Obtaining an AK/SK.
Bucket Name	Indicates the name of the bucket created by the partner. Only OBS buckets purchased on Huawei Cloud in the Hong Kong region can be used.

Association Result Notification API

If the partner sales platform connects to HUAWEI CLOUD by switching to the HUAWEI CLOUD portal, the partner needs to provide a callback API for HUAWEI CLOUD sending the association result to the partner. An HTTPS URL is recommended.

The partner needs to comply with the following requirements when defining and developing this API.

URL
POST https://www.example.com/bind

Request Parameters

The request parameters are in Form Data format.

**Table 3** Parameter information
Parameter	Description	Example
bindRequest	Indicates the message body of the association result (JSON format). The message is coded using BASE64. For details about the parameters in the JSON message body, see Table 4.	EYJKB21HAW5OYW1LIJOIEW9UZ3POASISIMRVBWFPBKLKIJOIEW9UZ3POAWLKIIWIEFVZZXJJZCI6INLVBMD6AGL4IIWIYMLUZEFJDGLVBII6MX0%3D
SigAlg	Indicates the signature algorithm. SHA256 is used for signature by default. HTTP://WWW.W3.ORG/2001/04/XMLDSIG-MORE#RSA-SHA256	HTTP%3A%2F%2FWWW.W3.ORG%2F2001%2F04%2FXMLDSIG-MORE%23RSA-SHA256
Signature	Indicates the signature. The signature is used to verify the initiator of a request. When HUAWEI CLOUD initiates a request, it uses the private key and the bindRequest value in the request to obtain the signature. When receiving the request, the receiver verifies the signature using the public key provided by HUAWEI CLOUD (the value in the <ds:X509Certificate></ds:X509Certificate> tag in the SP Metadata file). If the signature verification succeeds, the request is sent by HUAWEI CLOUD, and the follow-up operations can be performed. Otherwise, the request is invalid.	SWCFTCP4NKMU%2BOBH1FCSXFY0DL31BGNH4EXUGTQY%2BSPLXC%2B94NXSS%2FRHPWYE9TXVNVSPTR6XRWBZLVHTBDRGLGC0OPTTCFYD4D3%2F6PMESNG5C4BPT

**Table 4** Parameters in the **bindRequest** JSON message
Parameter	Parameter Type	Description
xUserId	String	Indicates the user ID of the partner's customer on the partner sales platform.
xAccountId	String	Indicates the ID of the customer account created on the partner sales platform. An account ID must be unique and is better to be consistent with the domainName.
domainName	String	Indicates the HUAWEI CLOUD account of the partner's customer. This account will be used when the API is invoked.
domainId	String	Indicates the HUAWEI CLOUD account ID of the partner's customer. This ID will be used when the API is invoked.
userName	String	Indicates the HUAWEI CLOUD username of the partner's customer.
userId	String	Indicates the HUAWEI CLOUD user ID of the partner's customer.
exporetime	String	Indicates the time when a request expires. The value is in UTC format. Example: 2017-07-31T07:40:14.004Z
bindAction	String	Indicates the association result. 0: indicates that the association is successful. 1: indicates that the association failed.

Table 4 lists the account name, username, account ID, and user ID because HUAWEI CLOUD IAM has account and username concepts. For details about the two concepts, see "Account" and "IAM User" in Identity Management.

Follow-Up Procedure

If you find any parameters are incorrectly configured, you can modify the configuration.

On the top navigation bar, select Support > Open APIs.
Click the access configuration icon or View or Modify API Configuration under the icon.

The access configuration page is displayed.
Click Modify and modify the configuration as required.

If the IDP Metadata file is incorrectly configured, click Download Metadata File to download the file to the local, modify and save it, click Modify, and then upload the file again.