Creating a Signature Key
Function
To ensure API security, tenants are advised to provide a protection mechanism for API access. That is, for APIs exposed by tenants, the request sources must be authenticated. Requests that do not meet the authentication requirements will be rejected.
The signature key is one of the API security protection mechanisms.
A tenant creates a signature key and binds it to an API. When requesting the API, ROMA Connect APIC uses the bound signature key to encrypt the request parameters and generate a signature. When a tenant's backend service receives a request, it verifies the signature. If the signature verification fails, the request is not sent by ROMA Connect APIC. In this case, the tenant can reject the request to ensure API security and prevent the API from being attacked by requests from unknown sources.
URI
POST /v2/{project_id}/apic/instances/{instance_id}/signs
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference. |
instance_id |
Yes |
String |
Instance ID. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header). |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
name |
Yes |
String |
Signature key name. The value can contain only letters, digits, and underscores(_) and must start with a letter.
NOTE:
Characters must be in UTF-8 or Unicode format. Minimum: 3 Maximum: 64 |
sign_type |
No |
String |
Signature key type.
The basic key type requires the instance to be upgraded to the corresponding version. If the basic key configuration does not exist in the instance, contact technical support to upgrade the instance. The public_key type can be used only when public_key is enabled for the instance. For details about the instance feature configuration, see Appendix > APIC Features Supported by ROMA Connect Instances in the API Reference. If the public_key configuration does not exist in the instance, contact technical support to enable public_key. |
sign_key |
No |
String |
Signature key.
|
sign_secret |
No |
String |
Signature secret.
|
Response Parameters
Status code: 201
Parameter |
Type |
Description |
---|---|---|
name |
String |
Signature key name. The value can contain only letters, digits, and underscores(_) and must start with a letter.
NOTE:
Characters must be in UTF-8 or Unicode format. Minimum: 3 Maximum: 64 |
sign_type |
String |
Signature key type.
The basic key type requires the instance to be upgraded to the corresponding version. If the basic key configuration does not exist in the instance, contact technical support to upgrade the instance. The public_key type can be used only when public_key is enabled for the instance. For details about the instance feature configuration, see Appendix > APIC Features Supported by ROMA Connect Instances in the API Reference. If the public_key configuration does not exist in the instance, contact technical support to enable public_key. |
sign_key |
String |
Signature key.
|
sign_secret |
String |
Signature secret.
|
update_time |
String |
Update time. |
create_time |
String |
Creation time. |
id |
String |
Signature key ID. |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Status code: 401
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Status code: 403
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Status code: 404
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Example Requests
{ "name" : "signature_demo", "sign_key" : "signkeysignkey", "sign_secret" : "signsecretsignsecretsignsecretsignsecret" }
Example Responses
Status code: 201
Created
{ "sign_secret" : "signsecretsignsecretsignsecretsignsecret", "update_time" : "2020-08-03T03:39:38.119032888Z", "create_time" : "2020-08-03T03:39:38.119032659Z", "name" : "signature_demo", "id" : "0b0e8f456b8742218af75f945307173c", "sign_key" : "signkeysignkey", "sign_type" : "hmac" }
Status code: 400
Bad Request
{ "error_code" : "APIG.2011", "error_msg" : "Invalid parameter value,parameterName:name. Please refer to the support documentation" }
Status code: 401
Unauthorized
{ "error_code" : "APIG.1002", "error_msg" : "Incorrect token or token resolution failed" }
Status code: 403
Forbidden
{ "error_code" : "APIG.1005", "error_msg" : "No permissions to request this method" }
Status code: 404
Not Found
{ "error_code" : "APIG.3030", "error_msg" : "The instance does not exist;id:f0fa1789-3b76-433b-a787-9892951c620ec" }
Status code: 500
Internal Server Error
{ "error_code" : "APIG.9999", "error_msg" : "System error" }
Status Codes
Status Code |
Description |
---|---|
201 |
Created |
400 |
Bad Request |
401 |
Unauthorized |
403 |
Forbidden |
404 |
Not Found |
500 |
Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot