Adding an AppCode for Simple Authentication

AppCodes are identity credentials of a credential used to call APIs in simple authentication mode. In this mode, the X-Apig-AppCode parameter (whose value is an AppCode on the credential details page) is added to the HTTP request header for quick response. APIG verifies only the AppCode and the request content does not need to be signed.

When an API is called using app authentication and simple authentication is enabled for the API, the key and secret can be used to sign and verify the API request. AppCodes can also be used for simple authentication.

For security purposes, simple authentication only supports API calls over HTTPS.
You can create a maximum of five AppCodes for each credential.

Generating an AppCode

Log in to the APIG console.
Select a gateway at the top of the navigation pane.

In the navigation pane, choose API Management > Credentials.

Click the name of the target credential.
Under AppCodes, click Add AppCode.

Configure AppCode information and click OK.

**Table 1** AppCode configuration
Parameter	Description
AppCode Type	Select the method for generating an AppCode. Automatically generated: An AppCode is generated by the system. Custom: Specify an AppCode.
AppCode	Enter an AppCode if you set AppCode Type to Custom.

Using AppCode for Simple Authentication of API Requests

When creating an API, set Authentication Mode to App and enable Simple Authentication.

After you enable simple authentication for an existing API, you need to publish the API again to make the configuration take effect.
Bind a credential to the API.
When sending a request, add the X-Apig-AppCode parameter to the request header and omit the request signature.
For example, when using curl, add the X-Apig-AppCode parameter to the request header and set the parameter value to the generated AppCode.
```
curl -X GET "https://api.exampledemo.com/testapi" -H "content-type: application/json"  -H "host: api.exampledemo.com" -H "X-Apig-AppCode: xhrJVJKABSOxc7d***********FZL4gSHEXkCMQC"
```