Updated on 2023-06-29 GMT+08:00

Creating a Custom Authorizer

Function

Creating a Custom Authorizer

URI

POST /v2/{project_id}/apic/instances/{instance_id}/authorizers

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference.

instance_id

Yes

String

Instance ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Custom authorizer name. The value contains 3 to 64 characters, including letters, digits, and underscores (_). The value must start with a letter.

type

Yes

String

Custom authorizer type.

  • FRONTEND

  • BACKEND

authorizer_type

Yes

String

Type of the custom authentication function.

  • LD: custom backend function

  • FUNC: FunctionGraph function

authorizer_uri

Yes

String

Function URN.

Note: To use a custom backend function API, the API request method must be POST and the API status must be Deployed.

authorizer_version

No

String

Function version.

If both the alias and version are specified, the version will be ignored and only the alias will be used.

Maximum: 64

authorizer_alias_uri

No

String

Function alias.

If both the alias and version are specified, the version will be ignored and only the alias will be used.

identities

No

Array of Identity objects

Authentication source.

ttl

No

Integer

Cache time.

user_data

No

String

User data.

ld_api_id

No

String

Custom backend service ID.

This parameter is mandatory when the type of the user-defined authentication function is LD.

need_body

No

Boolean

Indicates whether to send request body.

Table 4 Identity

Parameter

Mandatory

Type

Description

name

Yes

String

Parameter name.

The value must start with a digit or letter, and can include digits, letters, underscores (_), hyphens (-), and periods (.).

Minimum: 0

Maximum: 32

location

Yes

String

Parameter location.

validation

No

String

Parameter verification expression. The default value is null, indicating that no verification is performed.

Maximum: 1024

Response Parameters

Status code: 201

Table 5 Response body parameters

Parameter

Type

Description

name

String

Custom authorizer name. The value contains 3 to 64 characters, including letters, digits, and underscores (_). The value must start with a letter.

type

String

Custom authorizer type.

  • FRONTEND

  • BACKEND

authorizer_type

String

Type of the custom authentication function.

  • LD: custom backend function

  • FUNC: FunctionGraph function

authorizer_uri

String

Function URN.

Note: To use a custom backend function API, the API request method must be POST and the API status must be Deployed.

authorizer_version

String

Function version.

If both the alias and version are specified, the version will be ignored and only the alias will be used.

Maximum: 64

authorizer_alias_uri

String

Function alias.

If both the alias and version are specified, the version will be ignored and only the alias will be used.

identities

Array of Identity objects

Authentication source.

ttl

Integer

Cache time.

user_data

String

User data.

ld_api_id

String

Custom backend service ID.

This parameter is mandatory when the type of the user-defined authentication function is LD.

need_body

Boolean

Indicates whether to send request body.

id

String

Custom authorizer ID.

create_time

String

Creation time.

roma_app_id

String

ID of the application to which the custom authorizer belongs.

roma_app_name

String

Name of the application to which the custom authorizer belongs.

Table 6 Identity

Parameter

Type

Description

name

String

Parameter name.

The value must start with a digit or letter, and can include digits, letters, underscores (_), hyphens (-), and periods (.).

Minimum: 0

Maximum: 32

location

String

Parameter location.

validation

String

Parameter verification expression. The default value is null, indicating that no verification is performed.

Maximum: 1024

Status code: 400

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 401

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 403

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 404

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 500

Table 11 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Example Requests

{
  "name" : "Authorizer_demo",
  "type" : "FRONTEND",
  "authorizer_type" : "LD",
  "ld_api_id" : "6f8e61317e4e4fbf8e8220cc19fcced9",
  "authorizer_uri" : "/test",
  "authorizer_version" : "",
  "authorizer_alias_uri" : "",
  "identities" : [ {
    "name" : "header",
    "location" : "HEADER"
  } ],
  "ttl" : 5
}

Example Responses

Status code: 201

Created

{
  "name" : "Authorizer_demo",
  "type" : "FRONTEND",
  "authorizer_type" : "LD",
  "authorizer_uri" : "/test",
  "authorizer_version" : "",
  "authorizer_alias_uri" : "",
  "identities" : [ {
    "name" : "header",
    "location" : "HEADER"
  } ],
  "ttl" : 5,
  "id" : "0d982c1ac3da493dae47627b6439fc5c",
  "create_time" : "2020-09-23T02:32:10.354159293Z",
  "need_body" : true
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.2011",
  "error_msg" : "Invalid parameter value,parameterName:type. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3019",
  "error_msg" : "The function URN does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code

Description

201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.