Creating a Signature Key
Function
It is a good practice to provide a protection mechanism for APIs to ensure access security. For example, authenticating API request sources and denying the access from unauthorized sources.
A signature key is a protection mechanism in case.
Create a signature key and bind it to an API. When requesting the API, APIG uses the signature key to encrypt request parameter data and generate a signature. The backend service of the API verifies requests by using the signature. Unauthorized requests will be denied to protect the API against attacks from unknown sources.
URI
The following table lists the HTTP/HTTPS request method and URI of the API.
|
Request Method |
URI |
|---|---|
|
POST |
/v1.0/apigw/signs |
Request
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
name |
Yes |
String |
Signature key name The name of a signature key consists of 3–64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed. |
|
sign_key |
No |
String |
Signature key A signature key consists of 8–32 characters, starting with a letter or digit. Only letters, digits, hyphens (-), and underscores (_) are allowed. A key is automatically generated by the backend if no key is specified. |
|
sign_secret |
No |
String |
Signature secret A signature secret consists of 16–64 characters, starting with a letter or digit. Only letters, digits, and special characters (-_!@#$%) are allowed. A value is automatically generated by the backend if no value is specified. |
Example request:
{
"name": "signature01",
"sign_key": "abcd_123",
"sign_secret": "******"
}
Response
|
Parameter |
Type |
Description |
|---|---|---|
|
id |
String |
Signature key ID |
|
name |
String |
Signature key name |
|
sign_key |
String |
Signature key |
|
sign_secret |
String |
Signature secret |
|
create_time |
Timestamp |
Time when the signature key is created |
|
update_time |
Timestamp |
Time when the signature key was last updated |
Example response:
{
"name": "signature01",
"sign_key": "abcd_123",
"sign_secret": "******",
"id": "3a793b65a9034bdfae08924f149bfb4a",
"create_time": "2018-02-06T12:17:36.039953112Z",
"update_time": "2018-02-06T12:17:36.039954198Z"
}
Status Codes
|
Status Code |
Description |
|---|---|
|
201 |
Created |
|
400 |
Bad Request |
|
401 |
Unauthorized |
|
403 |
Forbidden |
|
500 |
Server Internal Error |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
