Updated on 2025-10-22 GMT+08:00

Creating an API

Function

This API is used to create an API. An API is an interface that encapsulates a set of service capabilities. The definition of an API is divided into two parts: how the API is called by users, and how ROMA Connect accesses the actual backend service requested by users. The following backend services are supported: HTTP/HTTPS web, FunctionGraph, and MOCK.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

URI

POST /v2/{project_id}/apic/instances/{instance_id}/apis

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference.

instance_id

Yes

String

Instance ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

API name.

The value can contain 3 to 255 characters, including letters, digits, hyphens (-), underscores (_), periods (.), slashes (/), parentheses, and colons (:). The value must start with a letter or digit.

type

Yes

Integer

API type.

  • 1: public

  • 2: private

version

No

String

API version.

req_protocol

Yes

String

API request protocol. Options:

  • HTTP

  • HTTPS

  • BOTH: Both HTTP and HTTPS are supported.

  • GRPCS

req_method

Yes

String

API request method. If the request protocol is set to GRPC, the request method is fixed to POST.

req_uri

Yes

String

Request address. It can contain request parameters enclosed with braces ({}). For example, /getUserInfo/{userId}. Special characters, such as asterisks (*), slashes (/), percent signs (%), hyphens (-), underscores (_), and periods (.), are allowed. It can contain a maximum of 512 characters and must comply with the URI specifications.

If the request protocol is set to GRPC, the request address is fixed to /.

/apic/health_check is the preset health check path. If req_method is set to GET, req_uri=/apic/health_check is not supported.

NOTE:
The address must comply with the URI specifications.

auth_type

Yes

String

API authentication mode. Options:

  • NONE: no authentication

  • APP: App authentication

  • IAM: IAM authentication

  • AUTHORIZER: custom authentication. When auth_type is set to AUTHORIZER, the authorizer_id field is mandatory.

auth_opt

No

AuthOpt object

Security authentication parameter.

cors

No

Boolean

Whether CORS is supported.

  • TRUE: supported

  • FALSE: not supported

trace_enabled

No

Boolean

Whether to enable tracing. By default, it is disabled.

sampling_strategy

No

String

Sampling policy. This parameter is mandatory when tracing is enabled.

  • RATE: sampling by percentage

sampling_param

No

String

Sampling parameter.

  • When sampling by percentage, the value of this parameter is an integer ranging from 0 to 100. The default value is 100, which indicates all requests are sampled. It is recommended that align the value with the backend sampling percentage.

match_mode

No

String

Match mode of an API.

  • SWA: prefix match

  • NORMAL: exact match (default)

The default value is NORMAL.

backend_type

Yes

String

Backend type. Options:

  • HTTP: web backend

  • FUNCTION: FunctionGraph backend. When backend_type is set to FUNCTION, func_info is mandatory.

  • MOCK: Mock backend. When backend_type is set to MOCK, mock_info is mandatory.

  • GRPC: gRPC backend.

Policy backends are not subject to this parameter.

remark

No

String

API description, with a maximum of 255 characters.

Angle brackets (<>) are not allowed.

NOTE:
Chinese characters must be in UTF-8 or Unicode format.

group_id

Yes

String

ID of the API group to which the API belongs.

body_remark

No

String

API request body, which can be an example request body, media type, or parameters.

result_normal_sample

No

String

Example response for a successful request.

NOTE:
Chinese characters must be in UTF-8 or Unicode format.

This is unavailable if the request protocol is set to GRPC.

result_failure_sample

No

String

Example response for a failed request.

NOTE:
Chinese characters must be in UTF-8 or Unicode format.

This is unavailable if the request protocol is set to GRPC.

authorizer_id

No

String

ID of the frontend custom authorizer.

tags

No

Array of strings

Tags

Use letters, digits, and special characters (-*#%.:_) and start with a letter.

By default, 10 tags are supported. To increase the quota, contact technical support to modify the API_TAG_NUM_LIMIT configuration.

response_id

No

String

Group response ID.

This parameter is currently not supported.

roma_app_id

No

String

ID of the integration application to which an API belongs.

This parameter is mandatory when the API group is a global group or when an API is bound to a user-defined domain name.

domain_name

No

String

User-defined domain name bound to the API. If a user-defined domain name is used, the roma_app_id field is mandatory.

tag

No

String

Tag.

This field will be deprecated. You can use the tags field instead.

content_type

No

String

Request content type:

application/json

application/xml

multipart/form-data

text/plain

is_send_fg_body_base64

No

Boolean

Specifies whether to perform Base64 encoding on the body for interaction with FunctionGraph. The body does not need to be encoded using Base64 only when content_type is set to application/json.

Application scenarios:

  • Custom authentication

  • Bound circuit breaker plug-in with FunctionGraph backend downgrade policy

  • APIs with FunctionGraph backend

mock_info

No

ApiMockCreate object

Mock backend details.

func_info

No

ApiFuncCreate object

FunctionGraph backend details.

req_params

No

Array of ReqParamBase objects

Request parameters. This is unavailable if the request protocol is set to GRPC.

backend_params

No

Array of BackendParamBase objects

Backend parameters. This is unavailable if the request protocol is set to GRPC.

policy_mocks

No

Array of ApiPolicyMockCreate objects

Mock policy backend information.

policy_functions

No

Array of ApiPolicyFunctionCreate objects

FunctionGraph policy backends

backend_api

No

BackendApiCreate object

Web backend details

policy_https

No

Array of ApiPolicyHttpCreate objects

Web policy backends.

Table 4 AuthOpt

Parameter

Mandatory

Type

Description

app_code_auth_type

No

String

Indicates whether AppCode authentication is enabled. This parameter is valid only if auth_type is set to App. The default value is DISABLE.

  • DISABLE: AppCode authentication is disabled.

  • HEADER: AppCode authentication is enabled and the AppCode is located in the header.

Table 5 ApiMockCreate

Parameter

Mandatory

Type

Description

remark

No

String

Description.

result_content

No

String

Response.

version

No

String

Version. Ensure that the version does not exceed 64 characters.

authorizer_id

No

String

Backend custom authorizer ID.

status_code

No

Integer

Customized status code of the mock backend:

"200": "OK",

"201": "Created",

"202": "Accepted",

"203": "NonAuthoritativeInformation",

"204": "NoContent",

"205": "ResetContent",

"206": "PartialContent",

"300": "MultipleChoices",

"301": "MovedPermanently",

"302": "Found",

"303": "SeeOther",

"304": "NotModified",

"305": "UseProxy",

"306": "Unused",

"307": "TemporaryRedirect",

"400": "BadRequest",

"401": "Unauthorized",

"402": "PaymentRequired",

"403": "Forbidden",

"404": "NotFound",

"405": "MethodNotAllowed",

"406": "NotAcceptable",

"407": "ProxyAuthenticationRequired",

"408": "RequestTimeout",

"409": "Conflict",

"410": "Gone",

"411": "LengthRequired",

"412": "PreconditionFailed",

"413": "RequestEntityTooLarge",

"414": "RequestURITooLong",

"415": "UnsupportedMediaType",

"416": "RequestedRangeNotSatisfiable",

"417": "ExpectationFailed",

"450": "ParameterRequried",

"451": "MethodConnectException",

"500": "InternalServerError",

"501": "NotImplemented",

"502": "BadGateway",

"503": "ServiceUnavailable",

"504": "GatewayTimeout",

"505": "HTTPVersionNotSupported"

header

No

String

Custom response header of the mock backend.

Format: [{"key":"","value": "", "remark:""}, {"key2":"","value2": "","remark2:""}]

Description:

key: key of the mock backend's custom response header. It must start with a letter or digit, and can include only letters, digits, and hyphens (-) (max. 64 characters).

value: value of the mock backend's custom response header. This parameter cannot be empty (max. 10,240 characters).

remark: remark of the mock backend's custom response header. This parameter can be empty (max. 2048 characters).

Table 6 ApiFuncCreate

Parameter

Mandatory

Type

Description

function_urn

Yes

String

Function URN.

network_type

No

String

Network architecture type of the function. Options:

  • V1: non-VPC

  • V2: VPC

remark

No

String

Description.

invocation_type

Yes

String

Invocation mode.

  • async: asynchronous

  • sync: synchronous

version

No

String

Version of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

alias_urn

No

String

Alias URN of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

timeout

Yes

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

authorizer_id

No

String

Backend custom authorizer ID.

Table 7 ReqParamBase

Parameter

Mandatory

Type

Description

name

Yes

String

Parameter name.

The value can contain letters, digits, hyphens (-), underscores (_), and periods (.) and must start with a letter.

type

Yes

String

Parameter type.

location

Yes

String

Parameter location.

default_value

No

String

Default value.

sample_value

No

String

Example value.

required

No

Integer

Indicates whether the parameter is mandatory.

  • 1: The parameter is mandatory.

  • 2: The parameter is optional.

The value of this parameter is 1 if Location is set to PATH, and 2 if Location is set to another value.

valid_enable

No

Integer

Indicates whether validity check is enabled.

  • 1: enabled

  • 2: disabled

remark

No

String

Description.

enumerations

No

String

Enumerated value.

min_num

No

Integer

Minimum value.

This parameter is valid when type is set to NUMBER.

max_num

No

Integer

Maximum value.

This parameter is valid when type is set to NUMBER.

min_size

No

Integer

Minimum length.

This parameter is valid when type is set to STRING.

max_size

No

Integer

Maximum length.

This parameter is valid when type is set to STRING.

regular

No

String

Regular expression validation rule.

This parameter is currently not supported.

json_schema

No

String

JSON validation rule.

This parameter is currently not supported.

pass_through

No

Integer

Indicates whether to transparently transmit the parameter.

  • 1: The parameter is transparently transmitted.

  • 2: The parameter is not transparently transmitted.

orchestrations

No

Array of strings

Request parameter orchestration rules.

Request parameter orchestration rules are prioritized in the same sequence as the list.

The none_value rule in a rule list has the highest priority. A maximum of one none_value rule can be bound.

The default rule in a rule list has the lowest priority. A maximum of one default rule can be bound.

The preprocessing orchestration rule cannot be used as the last orchestration rule except the default rule.

Only one parameter of each API can be bound with unique orchestration rules. The number of orchestration rules that can be bound is limited by quota. For details, see "Quotas" in ROMA Connect Service Overview.

Table 8 ApiPolicyMockCreate

Parameter

Mandatory

Type

Description

result_content

No

String

Response.

status_code

No

Integer

Customized status code of the mock backend:

"200": "OK",

"201": "Created",

"202": "Accepted",

"203": "NonAuthoritativeInformation",

"204": "NoContent",

"205": "ResetContent",

"206": "PartialContent",

"300": "MultipleChoices",

"301": "MovedPermanently",

"302": "Found",

"303": "SeeOther",

"304": "NotModified",

"305": "UseProxy",

"306": "Unused",

"307": "TemporaryRedirect",

"400": "BadRequest",

"401": "Unauthorized",

"402": "PaymentRequired",

"403": "Forbidden",

"404": "NotFound",

"405": "MethodNotAllowed",

"406": "NotAcceptable",

"407": "ProxyAuthenticationRequired",

"408": "RequestTimeout",

"409": "Conflict",

"410": "Gone",

"411": "LengthRequired",

"412": "PreconditionFailed",

"413": "RequestEntityTooLarge",

"414": "RequestURITooLong",

"415": "UnsupportedMediaType",

"416": "RequestedRangeNotSatisfiable",

"417": "ExpectationFailed",

"450": "ParameterRequried",

"451": "MethodConnectException",

"500": "InternalServerError",

"501": "NotImplemented",

"502": "BadGateway",

"503": "ServiceUnavailable",

"504": "GatewayTimeout",

"505": "HTTPVersionNotSupported"

header

No

String

Custom response header of the mock backend.

Format: [{"key":"","value": "", "remark:""}, {"key2":"","value2": "","remark2:""}]

Description:

key: key of the mock backend's custom response header. It must start with a letter or digit, and can include only letters, digits, and hyphens (-) (max. 64 characters).

value: value of the mock backend's custom response header. This parameter cannot be empty (max. 10,240 characters).

remark: remark of the mock backend's custom response header. This parameter can be empty (max. 2048 characters).

effect_mode

Yes

String

Effective mode of the backend policy.

  • ALL: All conditions are met.

  • ANY: Any condition is met.

name

Yes

String

Backend name, which must start with a letter and can contain letters, digits, hyphens (-), and underscores (_).

backend_params

No

Array of BackendParamBase objects

Backend parameters. This is unavailable for the GRPC backend.

conditions

Yes

Array of ApiConditionCreate objects

Policy conditions

authorizer_id

No

String

Backend custom authorizer ID.

Table 9 ApiPolicyFunctionCreate

Parameter

Mandatory

Type

Description

function_urn

Yes

String

Function URN.

network_type

No

String

Network architecture type of the function. Options:

  • V1: non-VPC

  • V2: VPC

invocation_type

Yes

String

Invocation mode.

  • async: asynchronous

  • sync: synchronous

timeout

Yes

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

version

No

String

Version of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

alias_urn

No

String

Alias URN of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

effect_mode

Yes

String

Effective mode of the backend policy.

  • ALL: All conditions are met.

  • ANY: Any condition is met.

name

Yes

String

Backend name, which must start with a letter and can contain letters, digits, hyphens (-), and underscores (_).

backend_params

No

Array of BackendParamBase objects

Backend parameters. This is unavailable for the GRPC backend.

conditions

Yes

Array of ApiConditionCreate objects

Policy conditions

authorizer_id

No

String

Backend custom authorizer ID.

Table 10 BackendApiCreate

Parameter

Mandatory

Type

Description

authorizer_id

No

String

Backend custom authorizer ID.

url_domain

No

String

Backend service address If no VPC channel is used, url_domain is mandatory.

The value consists of the host (IP address or domain name) and port number with a maximum of 255 characters, in the format of host:port number (for example, apig.example.com:7443). If the port number is not specified, HTTPS port number defaults to 443 and HTTP port number defaults to 80.

Environment variables are supported. Each must start with a letter and can consist of 3 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.

req_protocol

Yes

String

Request protocol. You can select GRPC or GRPCS for the GRPC backend.

remark

No

String

Description.

req_method

Yes

String

Request method. For the GRPC backend, the request method is fixed to POST.

version

No

String

Web backend version, which can contain a maximum of 16 characters.

req_uri

Yes

String

Request address. It can contain request parameters enclosed with braces ({}). For example, /getUserInfo/{userId}. Special characters, such as asterisks (*), slashes (/), percent signs (%), hyphens (-), underscores (_), and periods (.), are allowed. It can contain a maximum of 512 characters and must comply with URI specifications.

Environment variables are supported. Each must start with a letter and can consist of 3 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.

NOTE:
The address must comply with the URI specifications.

For the GRPC backend, the request address is fixed to /.

timeout

Yes

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

enable_client_ssl

No

Boolean

Whether to enable two-way authentication.

retry_count

No

String

Number of retry attempts to request the backend service. Default: –1. Range: –1 to 10.

–1 indicates that idempotent APIs will retry once and non-idempotent APIs will not retry. POST and PATCH are non-idempotent. GET, HEAD, PUT, OPTIONS, and DELETE are idempotent.

enable_sm_channel

No

Boolean

Whether to enable SM cryptographic algorithms.

This feature is only available if the instance supports the SM cryptographic algorithms.

vpc_channel_info

No

VpcInfo object

VPC channel details. This parameter is required if vpc_channel_status is set to 1.

vpc_channel_status

No

Integer

Whether to use a VPC channel:

  • 1: yes

  • 2: no

Table 11 ApiPolicyHttpCreate

Parameter

Mandatory

Type

Description

url_domain

No

String

Endpoint of the policy backend. The value consists of a domain name (or an IP address) and a port number. The total length cannot exceed 255 characters. The value is in Domain name:Port number format, for example, apig.example.com:7443. If the port number is not specified, the default HTTPS port number is 443 and the default HTTP port number is 80.Environment variables are supported. If environment variables are used, each variable name must contain 3 to 32 characters, including letters, digits, underscores (_), and hyphens (-). The value must start with a letter.

req_protocol

Yes

String

Request protocol. Options include HTTP, HTTPS, GRPC, or GRPCS. You can select GRPC or GRPCS for the GRPC backend.

req_method

Yes

String

Request method. Options: GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS, and ANY. This is fixed to POST for the GRPC backend.

req_uri

Yes

String

Request address. It can contain request parameters enclosed with braces ({}). For example, /getUserInfo/{userId}. Special characters, such as asterisks (*), slashes (/), percent signs (%), hyphens (-), underscores (_), and periods (.), are allowed. It can contain a maximum of 512 characters and must comply with URI specifications.

Environment variables are supported. Each must start with a letter and can consist of 3 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.

NOTE:
The address must comply with the URI specifications.

For the GRPC backend, the request address is fixed to /.

timeout

No

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

enable_client_ssl

No

Boolean

Whether to enable two-way authentication.

retry_count

No

String

Number of retry attempts to request the backend service. Default: –1. Range: –1 to 10.

–1 indicates that idempotent APIs will retry once and non-idempotent APIs will not retry. POST and PATCH are non-idempotent. GET, HEAD, PUT, OPTIONS, and DELETE are idempotent.

enable_sm_channel

No

Boolean

Whether to enable SM cryptographic algorithms.

This feature is only available if the instance supports the SM cryptographic algorithms.

effect_mode

Yes

String

Effective mode of the backend policy.

  • ALL: All conditions are met.

  • ANY: Any condition is met.

name

Yes

String

Backend name, which must start with a letter and can contain letters, digits, hyphens (-), and underscores (_).

backend_params

No

Array of BackendParamBase objects

Backend parameters. This is unavailable for the GRPC backend.

conditions

Yes

Array of ApiConditionCreate objects

Policy conditions

authorizer_id

No

String

Backend custom authorizer ID.

vpc_channel_info

No

VpcInfo object

VPC channel details. This parameter is required if vpc_channel_status is set to 1.

vpc_channel_status

No

Integer

Whether to use a VPC channel:

  • 1: yes

  • 2: no

Table 12 BackendParamBase

Parameter

Mandatory

Type

Description

name

Yes

String

Parameter name,

which must start with a letter and can only contain letters, digits, hyphens (-), underscores (_), and periods (.).

location

Yes

String

Parameter location. The value can be PATH, QUERY, or HEADER.

origin

Yes

String

Parameter type. The value can be REQUEST, CONSTANT, and SYSTEM.

value

Yes

String

Parameter value, with a maximum of 255 characters.

If the origin type is REQUEST, the value of this parameter is the parameter name in req_params.

If the origin type is CONSTANT, the value is a constant.

If the origin type is SYSTEM, the value is a system parameter name. System parameters include gateway parameters, frontend authentication parameters, and backend authentication parameters. You can set the frontend or backend authentication parameters after enabling custom frontend or backend authentication.

The gateway parameters are as follows:

  • $context.sourceIp: source IP address of the API caller

  • $context.stage: deployment environment in which the API is called

  • $context.apiName: API name

  • $context.apiId: API ID

  • $context.appName: name of the app used by the API caller

  • $context.appId: ID of the app used by the API caller

  • $context.requestId: request ID generated when the API is called

  • $context.serverAddr: address of the gateway server

  • $context.serverName: name of the gateway server

  • $context.handleTime: processing time of the API request

  • $context.providerAppId: ID of the app used by the API owner (not supported)

  • $context.clientCertCN: client certificate CN carried in the API invoking when client authentication is enabled

Frontend authentication parameter: prefixed with "$context.authorizer.frontend.". For example, to return "aaa" upon successful custom authentication, set this parameter to "$context.authorizer.frontend.aaa".

Backend authentication parameter: prefixed with "$context.authorizer.backend.". For example, to return "aaa" upon successful custom authentication, set this parameter to "$context.authorizer.backend.aaa".

remark

No

String

Description.

Table 13 ApiConditionCreate

Parameter

Mandatory

Type

Description

req_param_name

No

String

Input parameter name. This parameter is required if the policy type is param.

sys_param_name

No

String

System parameter name. This parameter is mandatory when the policy type is set to system. The following system parameters are supported:

  • req_path: request path, such as /a/b

  • req_method: request method, such as GET

cookie_param_name

No

String

COOKIE parameter name. This parameter is required if the policy type is cookie.

frontend_authorizer_param_name

No

String

Frontend authorizer parameter name (system parameter). This parameter is required if the policy type is frontend_authorizer. The frontend authentication parameter name is prefixed with $context.authorizer.frontend. For example, if the frontend authentication parameter name is user_name, add the prefix and the value is $context.authorizer.frontend.user_name.

condition_type

No

String

Policy condition.

  • exact: Exact match.

  • enum: Enumeration.

  • pattern: Regular expression.

This parameter is mandatory when the policy type is param, cookie, or frontend_authorizer.

condition_origin

Yes

String

Policy type

  • param: Parameter.

  • source: Source IP.

  • system: Built-in gateway parameter (system parameter).

  • cookie: COOKIE parameter.

  • frontend_authorizer: Frontend authorizer parameter (system parameter).

  • orchestration: Parameter orchestration rule.

condition_value

Yes

String

Policy value, which is required when the policy type is param, source, cookie, or frontend_authorizer.

mapped_param_name

No

String

Name of a parameter generated after orchestration. This parameter is mandatory when condition_origin is set to orchestration. The generated parameter name must exist in the orchestration rule bound to the API.

mapped_param_location

No

String

Location of a parameter generated after orchestration. This parameter is mandatory when condition_origin is set to orchestration. This location must exist in the orchestration rule bound to the API.

Table 14 VpcInfo

Parameter

Mandatory

Type

Description

ecs_id

No

String

Cloud server ID.

ecs_name

No

String

Cloud server name.

cascade_flag

No

Boolean

Indicates whether to use the cascading mode.

This parameter is currently not supported.

vpc_channel_proxy_host

No

String

Proxy host.

vpc_channel_id

Yes

String

VPC channel ID.

vpc_channel_port

No

Integer

VPC channel port.

Response Parameters

Status code: 201

Table 15 Response body parameters

Parameter

Type

Description

name

String

API name.

The value can contain 3 to 255 characters, including letters, digits, hyphens (-), underscores (_), periods (.), slashes (/), parentheses, and colons (:). The value must start with a letter or digit.

type

Integer

API type.

  • 1: public

  • 2: private

version

String

API version.

req_protocol

String

API request protocol. Options:

  • HTTP

  • HTTPS

  • BOTH: Both HTTP and HTTPS are supported.

  • GRPCS

req_method

String

API request method. If the request protocol is set to GRPC, the request method is fixed to POST.

req_uri

String

Request address. It can contain request parameters enclosed with braces ({}). For example, /getUserInfo/{userId}. Special characters, such as asterisks (*), slashes (/), percent signs (%), hyphens (-), underscores (_), and periods (.), are allowed. It can contain a maximum of 512 characters and must comply with the URI specifications.

If the request protocol is set to GRPC, the request address is fixed to /.

/apic/health_check is the preset health check path. If req_method is set to GET, req_uri=/apic/health_check is not supported.

NOTE:
The address must comply with the URI specifications.

auth_type

String

API authentication mode. Options:

  • NONE: no authentication

  • APP: App authentication

  • IAM: IAM authentication

  • AUTHORIZER: custom authentication. When auth_type is set to AUTHORIZER, the authorizer_id field is mandatory.

auth_opt

AuthOpt object

Security authentication parameter.

cors

Boolean

Whether CORS is supported.

  • TRUE: supported

  • FALSE: not supported

trace_enabled

Boolean

Whether to enable tracing. By default, it is disabled.

sampling_strategy

String

Sampling policy. This parameter is mandatory when tracing is enabled.

  • RATE: sampling by percentage

sampling_param

String

Sampling parameter.

  • When sampling by percentage, the value of this parameter is an integer ranging from 0 to 100. The default value is 100, which indicates all requests are sampled. It is recommended that align the value with the backend sampling percentage.

match_mode

String

Match mode of an API.

  • SWA: prefix match

  • NORMAL: exact match (default)

The default value is NORMAL.

backend_type

String

Backend type. Options:

  • HTTP: web backend

  • FUNCTION: FunctionGraph backend. When backend_type is set to FUNCTION, func_info is mandatory.

  • MOCK: Mock backend. When backend_type is set to MOCK, mock_info is mandatory.

  • GRPC: gRPC backend.

Policy backends are not subject to this parameter.

remark

String

API description, with a maximum of 255 characters.

Angle brackets (<>) are not allowed.

NOTE:
Chinese characters must be in UTF-8 or Unicode format.

group_id

String

ID of the API group to which the API belongs.

body_remark

String

API request body, which can be an example request body, media type, or parameters.

result_normal_sample

String

Example response for a successful request.

NOTE:
Chinese characters must be in UTF-8 or Unicode format.

This is unavailable if the request protocol is set to GRPC.

result_failure_sample

String

Example response for a failed request.

NOTE:
Chinese characters must be in UTF-8 or Unicode format.

This is unavailable if the request protocol is set to GRPC.

authorizer_id

String

ID of the frontend custom authorizer.

tags

Array of strings

Tags

Use letters, digits, and special characters (-*#%.:_) and start with a letter.

By default, 10 tags are supported. To increase the quota, contact technical support to modify the API_TAG_NUM_LIMIT configuration.

response_id

String

Group response ID.

This parameter is currently not supported.

roma_app_id

String

ID of the integration application to which an API belongs.

This parameter is mandatory when the API group is a global group or when an API is bound to a user-defined domain name.

domain_name

String

User-defined domain name bound to the API. If a user-defined domain name is used, the roma_app_id field is mandatory.

tag

String

Tag.

This field will be deprecated. You can use the tags field instead.

content_type

String

Request content type:

application/json

application/xml

multipart/form-data

text/plain

is_send_fg_body_base64

Boolean

Specifies whether to perform Base64 encoding on the body for interaction with FunctionGraph. The body does not need to be encoded using Base64 only when content_type is set to application/json.

Application scenarios:

  • Custom authentication

  • Bound circuit breaker plug-in with FunctionGraph backend downgrade policy

  • APIs with FunctionGraph backend

id

String

API ID.

status

Integer

API status:

  • 1: Valid

  • 2: Locked

arrange_necessary

Integer

Whether to enable orchestration. Options: 1 (enable) and 2 (disable)

register_time

String

Time when the API is registered.

update_time

String

Time when the API was last modified.

group_name

String

Name of the API group to which the API belongs.

group_version

String

Version of the API group to which the API belongs.

run_env_name

String

Name of the environment in which the API has been published.

Separate multiple environment names with vertical bars (|).

run_env_id

String

ID of the environment in which the API has been published.

Separate multiple environment IDs with vertical bars (|).

publish_id

String

Publication record ID.

Separate multiple publication record IDs with vertical bars (|).

publish_time

String

Publication time.

Separate the time of multiple publication records with vertical bars (|).

roma_app_name

String

Name of the integration application to which the API belongs.

ld_api_id

String

ID of the corresponding custom backend API.

backend_api

BackendApi object

Web backend details

api_group_info

ApiGroupCommonInfo object

API group information.

func_info

ApiFunc object

FunctionGraph backend details.

mock_info

ApiMock object

Mock backend details.

req_params

Array of ReqParam objects

Request parameters.

backend_params

Array of BackendParam objects

Backend parameters.

policy_functions

Array of ApiPolicyFunctionResp objects

FunctionGraph policy backends

policy_mocks

Array of ApiPolicyMockResp objects

Mock policy backend information.

policy_https

Array of ApiPolicyHttpResp objects

Web policy backends.

Table 16 AuthOpt

Parameter

Type

Description

app_code_auth_type

String

Indicates whether AppCode authentication is enabled. This parameter is valid only if auth_type is set to App. The default value is DISABLE.

  • DISABLE: AppCode authentication is disabled.

  • HEADER: AppCode authentication is enabled and the AppCode is located in the header.

Table 17 BackendApi

Parameter

Type

Description

authorizer_id

String

Backend custom authorizer ID.

url_domain

String

Backend service address If no VPC channel is used, url_domain is mandatory.

The value consists of the host (IP address or domain name) and port number with a maximum of 255 characters, in the format of host:port number (for example, apig.example.com:7443). If the port number is not specified, HTTPS port number defaults to 443 and HTTP port number defaults to 80.

Environment variables are supported. Each must start with a letter and can consist of 3 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.

req_protocol

String

Request protocol. You can select GRPC or GRPCS for the GRPC backend.

remark

String

Description.

req_method

String

Request method. For the GRPC backend, the request method is fixed to POST.

version

String

Web backend version, which can contain a maximum of 16 characters.

req_uri

String

Request address. It can contain request parameters enclosed with braces ({}). For example, /getUserInfo/{userId}. Special characters, such as asterisks (*), slashes (/), percent signs (%), hyphens (-), underscores (_), and periods (.), are allowed. It can contain a maximum of 512 characters and must comply with URI specifications.

Environment variables are supported. Each must start with a letter and can consist of 3 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.

NOTE:
The address must comply with the URI specifications.

For the GRPC backend, the request address is fixed to /.

timeout

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

enable_client_ssl

Boolean

Whether to enable two-way authentication.

retry_count

String

Number of retry attempts to request the backend service. Default: –1. Range: –1 to 10.

–1 indicates that idempotent APIs will retry once and non-idempotent APIs will not retry. POST and PATCH are non-idempotent. GET, HEAD, PUT, OPTIONS, and DELETE are idempotent.

enable_sm_channel

Boolean

Whether to enable SM cryptographic algorithms.

This feature is only available if the instance supports the SM cryptographic algorithms.

id

String

ID.

status

Integer

Backend status:

  • 1: Valid

register_time

String

Registration time.

update_time

String

Modification time.

vpc_channel_info

VpcInfo object

VPC channel details. This parameter is required if vpc_channel_status is set to 1.

vpc_channel_status

Integer

Whether to use a VPC channel:

  • 1: yes

  • 2: no

Table 18 ApiGroupCommonInfo

Parameter

Type

Description

id

String

No.

name

String

API group name.

status

Integer

Status.

  • 1: Valid

  • 2: Locked

sl_domain

String

Subdomain name that the system automatically allocates to the API group.

register_time

String

Creation time.

update_time

String

Last modification time.

on_sell_status

Integer

Indicates whether the API group has been listed on the marketplace. The value can be:

  • 1: published

  • 2: not published

  • 3: being reviewed

ROMA Connect is not connected to the marketplace. The default value 2 is returned.

url_domains

Array of UrlDomain objects

List of independent domain names bound to the API group.

sl_domain_access_enabled

Boolean

Whether the debugging domain name is accessible. Options: true and false.

Table 19 UrlDomain

Parameter

Type

Description

id

String

Domain ID.

domain

String

Domain name.

cname_status

Integer

CNAME resolution status of the domain name.

  • 1: not resolved

  • 2: resolving

  • 3: resolved

  • 4: resolving failed

ssl_id

String

SSL certificate ID.

ssl_name

String

SSL certificate name.

min_ssl_version

String

Minimum SSL version. TLS 1.1 and TLS 1.2 are supported.

verified_client_certificate_enabled

Boolean

Whether to enable client certificate verification. This parameter is available only when a certificate is bound. It is enabled by default if trusted_root_ca exists, and disabled if trusted_root_ca does not exist.

is_has_trusted_root_ca

Boolean

Whether a trusted root certificate (CA) exists. The value is true if trusted_root_ca exists in the bound certificate.

ssl_infos

Array of SslInfo objects

SSL certificate list.

Table 20 SslInfo

Parameter

Type

Description

ssl_id

String

SSL certificate ID.

ssl_name

String

SSL certificate name.

algorithm_type

String

Certificate algorithm type:

  • RSA

  • ECC

  • SM2

type

String

Certificate scope. Options:

  • instance: current instance

  • global: all instances

Table 21 ApiFunc

Parameter

Type

Description

function_urn

String

Function URN.

network_type

String

Network architecture type of the function. Options:

  • V1: non-VPC

  • V2: VPC

remark

String

Description.

invocation_type

String

Invocation mode.

  • async: asynchronous

  • sync: synchronous

version

String

Version of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

alias_urn

String

Alias URN of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

timeout

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

authorizer_id

String

Backend custom authorizer ID.

id

String

ID.

register_time

String

Registration time.

status

Integer

Backend status:

  • 1: Valid

update_time

String

Modification time.

Table 22 ApiMock

Parameter

Type

Description

remark

String

Description.

result_content

String

Response.

version

String

Version. Ensure that the version does not exceed 64 characters.

authorizer_id

String

Backend custom authorizer ID.

status_code

Integer

Customized status code of the mock backend:

"200": "OK",

"201": "Created",

"202": "Accepted",

"203": "NonAuthoritativeInformation",

"204": "NoContent",

"205": "ResetContent",

"206": "PartialContent",

"300": "MultipleChoices",

"301": "MovedPermanently",

"302": "Found",

"303": "SeeOther",

"304": "NotModified",

"305": "UseProxy",

"306": "Unused",

"307": "TemporaryRedirect",

"400": "BadRequest",

"401": "Unauthorized",

"402": "PaymentRequired",

"403": "Forbidden",

"404": "NotFound",

"405": "MethodNotAllowed",

"406": "NotAcceptable",

"407": "ProxyAuthenticationRequired",

"408": "RequestTimeout",

"409": "Conflict",

"410": "Gone",

"411": "LengthRequired",

"412": "PreconditionFailed",

"413": "RequestEntityTooLarge",

"414": "RequestURITooLong",

"415": "UnsupportedMediaType",

"416": "RequestedRangeNotSatisfiable",

"417": "ExpectationFailed",

"450": "ParameterRequried",

"451": "MethodConnectException",

"500": "InternalServerError",

"501": "NotImplemented",

"502": "BadGateway",

"503": "ServiceUnavailable",

"504": "GatewayTimeout",

"505": "HTTPVersionNotSupported"

header

String

Custom response header of the mock backend.

Format: [{"key":"","value": "", "remark:""}, {"key2":"","value2": "","remark2:""}]

Description:

key: key of the mock backend's custom response header. It must start with a letter or digit, and can include only letters, digits, and hyphens (-) (max. 64 characters).

value: value of the mock backend's custom response header. This parameter cannot be empty (max. 10,240 characters).

remark: remark of the mock backend's custom response header. This parameter can be empty (max. 2048 characters).

id

String

ID.

register_time

String

Registration time.

status

Integer

Backend status:

  • 1: Valid

update_time

String

Modification time.

Table 23 ReqParam

Parameter

Type

Description

name

String

Parameter name.

The value can contain letters, digits, hyphens (-), underscores (_), and periods (.) and must start with a letter.

type

String

Parameter type.

location

String

Parameter location.

default_value

String

Default value.

sample_value

String

Example value.

required

Integer

Indicates whether the parameter is mandatory.

  • 1: The parameter is mandatory.

  • 2: The parameter is optional.

The value of this parameter is 1 if Location is set to PATH, and 2 if Location is set to another value.

valid_enable

Integer

Indicates whether validity check is enabled.

  • 1: enabled

  • 2: disabled

remark

String

Description.

enumerations

String

Enumerated value.

min_num

Integer

Minimum value.

This parameter is valid when type is set to NUMBER.

max_num

Integer

Maximum value.

This parameter is valid when type is set to NUMBER.

min_size

Integer

Minimum length.

This parameter is valid when type is set to STRING.

max_size

Integer

Maximum length.

This parameter is valid when type is set to STRING.

regular

String

Regular expression validation rule.

This parameter is currently not supported.

json_schema

String

JSON validation rule.

This parameter is currently not supported.

pass_through

Integer

Indicates whether to transparently transmit the parameter.

  • 1: The parameter is transparently transmitted.

  • 2: The parameter is not transparently transmitted.

orchestrations

Array of strings

Request parameter orchestration rules.

Request parameter orchestration rules are prioritized in the same sequence as the list.

The none_value rule in a rule list has the highest priority. A maximum of one none_value rule can be bound.

The default rule in a rule list has the lowest priority. A maximum of one default rule can be bound.

The preprocessing orchestration rule cannot be used as the last orchestration rule except the default rule.

Only one parameter of each API can be bound with unique orchestration rules. The number of orchestration rules that can be bound is limited by quota. For details, see "Quotas" in ROMA Connect Service Overview.

id

String

Parameter ID.

Table 24 ApiPolicyFunctionResp

Parameter

Type

Description

function_urn

String

Function URN.

network_type

String

Network architecture type of the function. Options:

  • V1: non-VPC

  • V2: VPC

invocation_type

String

Invocation mode.

  • async: asynchronous

  • sync: synchronous

timeout

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

version

String

Version of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

alias_urn

String

Alias URN of a function.

If both the alias URN and version are specified, the version is ignored and only the alias URN is used.

id

String

ID.

name

String

Backend name, which must start with a letter and can contain letters, digits, and underscores (_).

conditions

Array of ConditionResp objects

Policy conditions

backend_params

Array of BackendParam objects

Backend parameters

effect_mode

String

Effective mode of the backend policy.

  • ALL: All conditions are met.

  • ANY: Any condition is met.

authorizer_id

String

Backend custom authorizer ID.

Table 25 ApiPolicyMockResp

Parameter

Type

Description

id

String

ID.

name

String

Backend name, which must start with a letter and can contain letters, digits, and underscores (_).

conditions

Array of ConditionResp objects

Policy conditions

backend_params

Array of BackendParam objects

Backend parameters

effect_mode

String

Effective mode of the backend policy.

  • ALL: All conditions are met.

  • ANY: Any condition is met.

authorizer_id

String

Backend custom authorizer ID.

result_content

String

Response.

status_code

Integer

Customized status code of the mock backend:

"200": "OK",

"201": "Created",

"202": "Accepted",

"203": "NonAuthoritativeInformation",

"204": "NoContent",

"205": "ResetContent",

"206": "PartialContent",

"300": "MultipleChoices",

"301": "MovedPermanently",

"302": "Found",

"303": "SeeOther",

"304": "NotModified",

"305": "UseProxy",

"306": "Unused",

"307": "TemporaryRedirect",

"400": "BadRequest",

"401": "Unauthorized",

"402": "PaymentRequired",

"403": "Forbidden",

"404": "NotFound",

"405": "MethodNotAllowed",

"406": "NotAcceptable",

"407": "ProxyAuthenticationRequired",

"408": "RequestTimeout",

"409": "Conflict",

"410": "Gone",

"411": "LengthRequired",

"412": "PreconditionFailed",

"413": "RequestEntityTooLarge",

"414": "RequestURITooLong",

"415": "UnsupportedMediaType",

"416": "RequestedRangeNotSatisfiable",

"417": "ExpectationFailed",

"450": "ParameterRequried",

"451": "MethodConnectException",

"500": "InternalServerError",

"501": "NotImplemented",

"502": "BadGateway",

"503": "ServiceUnavailable",

"504": "GatewayTimeout",

"505": "HTTPVersionNotSupported"

header

String

Custom response header of the mock backend.

Format: [{"key":"","value": "", "remark:""}, {"key2":"","value2": "","remark2:""}]

Description:

key: key of the mock backend's custom response header. It must start with a letter or digit, and can include only letters, digits, and hyphens (-) (max. 64 characters).

value: value of the mock backend's custom response header. This parameter cannot be empty (max. 10,240 characters).

remark: remark of the mock backend's custom response header. This parameter can be empty (max. 2048 characters).

Table 26 ApiPolicyHttpResp

Parameter

Type

Description

id

String

ID.

name

String

Backend name, which must start with a letter and can contain letters, digits, and underscores (_).

conditions

Array of ConditionResp objects

Policy conditions

backend_params

Array of BackendParam objects

Backend parameters

effect_mode

String

Effective mode of the backend policy.

  • ALL: All conditions are met.

  • ANY: Any condition is met.

authorizer_id

String

Backend custom authorizer ID.

url_domain

String

Endpoint of the policy backend. The value consists of a domain name (or an IP address) and a port number. The total length cannot exceed 255 characters. The value is in Domain name:Port number format, for example, apig.example.com:7443. If the port number is not specified, the default HTTPS port number is 443 and the default HTTP port number is 80.Environment variables are supported. If environment variables are used, each variable name must contain 3 to 32 characters, including letters, digits, underscores (_), and hyphens (-). The value must start with a letter.

req_protocol

String

Request protocol. Options include HTTP, HTTPS, GRPC, or GRPCS. You can select GRPC or GRPCS for the GRPC backend.

req_method

String

Request method. Options: GET, POST, PUT, DELETE, HEAD, PATCH, OPTIONS, and ANY. This is fixed to POST for the GRPC backend.

req_uri

String

Request address. It can contain request parameters enclosed with braces ({}). For example, /getUserInfo/{userId}. Special characters, such as asterisks (*), slashes (/), percent signs (%), hyphens (-), underscores (_), and periods (.), are allowed. It can contain a maximum of 512 characters and must comply with URI specifications.

Environment variables are supported. Each must start with a letter and can consist of 3 to 32 characters. Only letters, digits, hyphens (-), and underscores (_) are allowed.

NOTE:
The address must comply with the URI specifications.

For the GRPC backend, the request address is fixed to /.

timeout

Integer

Timeout allowed for APIC to request the backend service. You can set the maximum timeout using the backend_timeout configuration item. The maximum value is 600,000.

Unit: ms

enable_client_ssl

Boolean

Whether to enable two-way authentication.

retry_count

String

Number of retry attempts to request the backend service. Default: –1. Range: –1 to 10.

–1 indicates that idempotent APIs will retry once and non-idempotent APIs will not retry. POST and PATCH are non-idempotent. GET, HEAD, PUT, OPTIONS, and DELETE are idempotent.

enable_sm_channel

Boolean

Whether to enable SM cryptographic algorithms.

This feature is only available if the instance supports the SM cryptographic algorithms.

vpc_channel_info

VpcInfo object

VPC channel details. This parameter is required if vpc_channel_status is set to 1.

vpc_channel_status

Integer

Whether to use a VPC channel:

  • 1: yes

  • 2: no

Table 27 ConditionResp

Parameter

Type

Description

req_param_name

String

Input parameter name. This parameter is required if the policy type is param.

sys_param_name

String

System parameter name. This parameter is mandatory when the policy type is set to system. The following system parameters are supported:

  • req_path: request path, such as /a/b

  • req_method: request method, such as GET

cookie_param_name

String

COOKIE parameter name. This parameter is required if the policy type is cookie.

frontend_authorizer_param_name

String

Frontend authorizer parameter name (system parameter). This parameter is required if the policy type is frontend_authorizer. The frontend authentication parameter name is prefixed with $context.authorizer.frontend. For example, if the frontend authentication parameter name is user_name, add the prefix and the value is $context.authorizer.frontend.user_name.

condition_type

String

Policy condition.

  • exact: Exact match.

  • enum: Enumeration.

  • pattern: Regular expression.

This parameter is mandatory when the policy type is param, cookie, or frontend_authorizer.

condition_origin

String

Policy type

  • param: Parameter.

  • source: Source IP.

  • system: Built-in gateway parameter (system parameter).

  • cookie: COOKIE parameter.

  • frontend_authorizer: Frontend authorizer parameter (system parameter).

  • orchestration: Parameter orchestration rule.

condition_value

String

Policy value, which is required when the policy type is param, source, cookie, or frontend_authorizer.

mapped_param_name

String

Name of a parameter generated after orchestration. This parameter is mandatory when condition_origin is set to orchestration. The generated parameter name must exist in the orchestration rule bound to the API.

mapped_param_location

String

Location of a parameter generated after orchestration. This parameter is mandatory when condition_origin is set to orchestration. This location must exist in the orchestration rule bound to the API.

id

String

ID.

req_param_id

String

Input parameter ID.

req_param_location

String

Input parameter location.

Table 28 BackendParam

Parameter

Type

Description

name

String

Parameter name,

which must start with a letter and can only contain letters, digits, hyphens (-), underscores (_), and periods (.).

location

String

Parameter location. The value can be PATH, QUERY, or HEADER.

origin

String

Parameter type. The value can be REQUEST, CONSTANT, and SYSTEM.

value

String

Parameter value, with a maximum of 255 characters.

If the origin type is REQUEST, the value of this parameter is the parameter name in req_params.

If the origin type is CONSTANT, the value is a constant.

If the origin type is SYSTEM, the value is a system parameter name. System parameters include gateway parameters, frontend authentication parameters, and backend authentication parameters. You can set the frontend or backend authentication parameters after enabling custom frontend or backend authentication.

The gateway parameters are as follows:

  • $context.sourceIp: source IP address of the API caller

  • $context.stage: deployment environment in which the API is called

  • $context.apiName: API name

  • $context.apiId: API ID

  • $context.appName: name of the app used by the API caller

  • $context.appId: ID of the app used by the API caller

  • $context.requestId: request ID generated when the API is called

  • $context.serverAddr: address of the gateway server

  • $context.serverName: name of the gateway server

  • $context.handleTime: processing time of the API request

  • $context.providerAppId: ID of the app used by the API owner (not supported)

  • $context.clientCertCN: client certificate CN carried in the API invoking when client authentication is enabled

Frontend authentication parameter: prefixed with "$context.authorizer.frontend.". For example, to return "aaa" upon successful custom authentication, set this parameter to "$context.authorizer.frontend.aaa".

Backend authentication parameter: prefixed with "$context.authorizer.backend.". For example, to return "aaa" upon successful custom authentication, set this parameter to "$context.authorizer.backend.aaa".

remark

String

Description.

id

String

Parameter ID.

req_param_id

String

Request parameter ID.

Table 29 VpcInfo

Parameter

Type

Description

ecs_id

String

Cloud server ID.

ecs_name

String

Cloud server name.

cascade_flag

Boolean

Indicates whether to use the cascading mode.

This parameter is currently not supported.

vpc_channel_proxy_host

String

Proxy host.

vpc_channel_id

String

VPC channel ID.

vpc_channel_port

Integer

VPC channel port.

Status code: 400

Table 30 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 401

Table 31 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 403

Table 32 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 404

Table 33 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 500

Table 34 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Example Requests

  • Create an API with authentication mode as custom authorizer, matching mode as exact match, and backend type as web, and customize frontend and backend request parameters.

    {
      "group_id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
      "match_mode" : "NORMAL",
      "name" : "Api_http",
      "auth_type" : "AUTHORIZER",
      "authorizer_id" : "0d982c1ac3da493dae47627b6439fc5c",
      "backend_type" : "HTTP",
      "backend_api" : {
        "url_domain" : "10.10.10.156:12346",
        "req_protocol" : "HTTP",
        "req_method" : "GET",
        "req_uri" : "/test/benchmark",
        "timeout" : 5000
      },
      "req_protocol" : "HTTPS",
      "req_uri" : "/test/http",
      "remark" : "Web backend API",
      "type" : 1,
      "req_method" : "GET",
      "result_normal_sample" : "Normal response example",
      "result_failure_sample" : "Failure response example",
      "trace_enabled" : true,
      "sampling_strategy" : "RATE",
      "sampling_param" : "10",
      "tags" : [ "webApi" ],
      "req_params" : [ {
        "name" : "query_demo",
        "location" : "QUERY",
        "type" : "STRING",
        "required" : 1
      }, {
        "name" : "header-demo",
        "location" : "HEADER",
        "type" : "STRING",
        "required" : 2
      } ],
      "backend_params" : [ {
        "name" : "backHeader",
        "value" : "header-demo",
        "location" : "HEADER",
        "origin" : "REQUEST"
      }, {
        "name" : "backQuery",
        "value" : "query_demo",
        "location" : "QUERY",
        "origin" : "REQUEST"
      }, {
        "name" : "X-CONSTANT-HEADER",
        "value" : "demo",
        "location" : "HEADER",
        "origin" : "CONSTANT",
        "remark" : "constant_demo"
      }, {
        "name" : "app-id",
        "value" : "$context.appId",
        "location" : "HEADER",
        "origin" : "SYSTEM",
        "remark" : "Application ID of the invoker."
      } ]
    }
  • Create an API with authentication mode as App, matching mode as exact match, and backend type as FunctionGraph.[ (This type of backend API cannot be created on Site instances.)](tag: Site)

    {
      "group_id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
      "match_mode" : "NORMAL",
      "name" : "Api_function",
      "auth_type" : "APP",
      "backend_type" : "FUNCTION",
      "func_info" : {
        "authorizer_id" : "5b8cd3f06f004115aec69c58f57272c9",
        "function_urn" : "'urn:fss:region01:73d69ae0cfcf460190522d06b60f05ad:function:default:auto_testfunc93749'",
        "network_type" : "V1",
        "invocation_type" : "sync",
        "timeout" : 5000,
        "version" : "latest",
        "alias_urn" : "urn:fss:region01:73d69ae0cfcf460190522d06b60f05ad:function:default:auto_testfunc93749:!a1"
      },
      "req_protocol" : "HTTPS",
      "req_uri" : "/test/function",
      "remark" : "FunctionGraph backend API",
      "type" : 1,
      "req_method" : "GET",
      "result_normal_sample" : "Normal response example",
      "result_failure_sample" : "Failure response example",
      "tags" : [ "functionApi" ]
    }
  • Create an API with authentication mode as App, matching mode as prefix match, and backend type as Mock.

    {
      "group_id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
      "match_mode" : "SWA",
      "name" : "Api_mock",
      "auth_type" : "APP",
      "backend_type" : "MOCK",
      "mock_info" : {
        "result_content" : "mock success"
      },
      "req_protocol" : "HTTPS",
      "req_uri" : "/test/mock",
      "remark" : "Mock backend API",
      "type" : 1,
      "req_method" : "GET",
      "result_normal_sample" : "Normal response example",
      "result_failure_sample" : "Failure response example",
      "tags" : [ "mockApi" ]
    }

Example Responses

Status code: 201

Created

  • Example 1

    {
      "name" : "Api_http",
      "type" : 1,
      "version" : "V2",
      "req_protocol" : "HTTP",
      "req_method" : "GET",
      "req_uri" : "/test/http",
      "auth_type" : "APP",
      "auth_opt" : {
        "app_code_auth_type" : "DISABLE"
      },
      "cors" : false,
      "trace_enabled" : true,
      "sampling_strategy" : "RATE",
      "sampling_param" : "10",
      "match_mode" : "NORMAL",
      "backend_type" : "HTTP",
      "remark" : "Web backend API",
      "group_id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
      "body_remark" : "",
      "result_normal_sample" : "Normal response example",
      "result_failure_sample" : "Failure response example",
      "authorizer_id" : "",
      "tags" : [ "webApi" ],
      "roma_app_id" : "957dcd1e-d8f4-432e-8e71-df55cf772aba",
      "domain_name" : "",
      "tag" : "",
      "id" : "5f918d104dc84480a75166ba99efff21",
      "status" : 1,
      "arrange_necessary" : 2,
      "register_time" : "2022-02-09T02:46:36.913996908Z",
      "update_time" : "2022-02-09T02:46:36.913997175Z",
      "group_name" : "api_group_001",
      "group_version" : "V2",
      "run_env_name" : "",
      "run_env_id" : "",
      "publish_id" : "",
      "roma_app_name" : "app-htyr",
      "ld_api_id" : "",
      "backend_api" : {
        "authorizer_id" : "",
        "url_domain" : "10.10.10.156:12346",
        "req_protocol" : "HTTP",
        "remark" : "",
        "req_method" : "GET",
        "version" : "",
        "req_uri" : "/test/bechmark",
        "timeout" : 5000,
        "enable_client_ssl" : false,
        "retry_count" : "-1",
        "id" : "86686e62cabe44b392ad4a0856165e92",
        "status" : 1,
        "register_time" : "2022-02-09T02:46:36.914978278Z",
        "update_time" : "2022-02-09T02:46:36.914978525Z",
        "vpc_channel_info" : {
          "cascade_flag" : false,
          "vpc_channel_id" : "",
          "vpc_channel_port" : 0
        },
        "vpc_channel_status" : 2
      },
      "api_group_info" : {
        "id" : "02b157a33b394babb0b08c010bc3d76b",
        "name" : "api_group",
        "status" : 1,
        "sl_domain" : "02b157a33b394babb0b08c010bc3d76b.apic.****.com",
        "register_time" : "2022-02-09T02:46:31Z",
        "update_time" : "2022-02-09T02:46:31Z",
        "on_sell_status" : 2,
        "url_domains" : [ {
          "id" : "e91b83b07744e8eb1872d695ed4743b",
          "domain" : "domain.com",
          "cname_status" : 3,
          "ssl_id" : "ddsa83b07744e8eb1872d695ed4743b",
          "ssl_name" : "certificate",
          "min_ssl_version" : "TLSv1.1"
        } ],
        "sl_domain_access_enabled" : true
      },
      "func_info" : null,
      "mock_info" : null,
      "req_params" : [ {
        "name" : "query_demo",
        "location" : "QUERY",
        "type" : "STRING",
        "valid_enable" : 2,
        "required" : 1,
        "id" : "57c8bf3c97ef40ee94eace95dff30014",
        "pass_through" : 1
      }, {
        "name" : "header-demo",
        "location" : "HEADER",
        "type" : "STRING",
        "valid_enable" : 2,
        "required" : 2,
        "id" : "8d993be96980415faa6b1fb2ebd647e0",
        "pass_through" : 1
      } ],
      "backend_params" : [ {
        "name" : "backHeader",
        "value" : "header-demo",
        "location" : "HEADER",
        "origin" : "REQUEST",
        "id" : "709f0ea376b44aaf907aaaa37d8cce92",
        "req_param_id" : "8d993be96980415faa6b1fb2ebd647e0"
      }, {
        "name" : "backQuery",
        "value" : "query_demo",
        "location" : "QUERY",
        "origin" : "REQUEST",
        "id" : "2f152d0fb54445039158d29c2a4f69ee",
        "req_param_id" : "57c8bf3c97ef40ee94eace95dff30014"
      }, {
        "name" : "X-CONSTANT-HEADER",
        "value" : "demo",
        "location" : "HEADER",
        "origin" : "CONSTANT",
        "remark" : "constant_demo",
        "id" : "20142102c6aa4f3c97d5fd6ef4010ac2"
      }, {
        "name" : "app-id",
        "value" : "$context.appId",
        "location" : "HEADER",
        "origin" : "SYSTEM",
        "remark" : "Application ID of the invoker.",
        "id" : "a1349c61016e4d999ca783a50bfeee2b"
      } ],
      "policy_functions" : null,
      "policy_mocks" : null,
      "policy_https" : [ ]
    }
  • Example 2

    {
      "name" : "Api_function",
      "type" : 1,
      "version" : "V0.0.1",
      "req_protocol" : "HTTPS",
      "req_method" : "GET",
      "req_uri" : "/test/function",
      "auth_type" : "APP",
      "auth_opt" : {
        "auth_code_auth_type" : "DISABLE"
      },
      "cors" : false,
      "match_mode" : "NORMAL",
      "backend_type" : "FUNCTION",
      "remark" : "FunctionGraph backend API",
      "group_id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
      "body_remark" : "",
      "result_normal_sample" : "Normal response example",
      "result_failure_sample" : "Failure response example",
      "authorizer_id" : "",
      "tags" : [ "functionApi" ],
      "tag" : "",
      "roma_app_id" : "f77f5e81d9cb4424bf704ef2b0ac7690",
      "domain_name" : "www.sss.com",
      "id" : "abd9c4b2ff974888b0ba79be7e6b2763",
      "status" : 1,
      "arrange_necessary" : 2,
      "register_time" : "2020-08-02T15:56:52.286099413Z",
      "update_time" : "2020-08-02T15:56:52.286099715Z",
      "group_name" : "api_group_001",
      "group_version" : "V1",
      "run_env_name" : "",
      "run_env_id" : "",
      "publish_id" : "",
      "publish_time" : "",
      "roma_app_name" : "app-dfge",
      "ld_api_id" : "",
      "backend_api" : null,
      "api_group_info" : {
        "id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
        "name" : "api_group",
        "status" : 1,
        "sl_domain" : "c77f5e81d9cb4424bf704ef2b0ac7600.apic.****.com",
        "register_time" : "2020-08-02T15:56:52Z",
        "update_time" : "2020-08-02T15:56:52Z",
        "on_sell_status" : 2,
        "url_domains" : [ {
          "id" : "e91b83b07744e8eb1872d695ed4743b",
          "domain" : "domain.com",
          "cname_status" : 3,
          "ssl_id" : "ddsa83b07744e8eb1872d695ed4743b",
          "ssl_name" : "certificate",
          "min_ssl_version" : "TLSv1.1"
        } ],
        "sl_domain_access_enabled" : true
      },
      "mock_info" : null,
      "func_info" : {
        "id" : "c0740524cd4c40e3801a7afe5375f8b0",
        "authorizer_id" : "5b8cd3f06f004115aec69c58f57272c9",
        "function_urn" : "'urn:fss:region01:73d69ae0cfcf460190522d06b60f05ad:function:default:auto_testfunc93749'",
        "network_type" : "V1",
        "remark" : "",
        "invocation_type" : "sync",
        "timeout" : 5000,
        "version" : "latest",
        "alias_urn" : "urn:fss:region01:73d69ae0cfcf460190522d06b60f05ad:function:default:auto_testfunc93749:!a1",
        "register_time" : "2020-08-02T15:36:19.897262803Z",
        "update_time" : "2020-08-02T15:36:19.897262993Z",
        "status" : 1
      },
      "req_params" : [ ],
      "backend_params" : [ ],
      "policy_functions" : null,
      "policy_mocks" : [ ],
      "policy_https" : null
    }
  • Example 3

    {
      "name" : "Api_mock",
      "type" : 1,
      "version" : "V0.0.1",
      "req_protocol" : "HTTPS",
      "req_method" : "GET",
      "req_uri" : "/test/mock",
      "auth_type" : "APP",
      "auth_opt" : {
        "auth_code_auth_type" : "DISABLE"
      },
      "cors" : false,
      "match_mode" : "SWA",
      "backend_type" : "MOCK",
      "remark" : "Mock backend API",
      "group_id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
      "body_remark" : "",
      "result_normal_sample" : "Normal response example",
      "result_failure_sample" : "Failure response example",
      "authorizer_id" : "",
      "tags" : [ "mockApi" ],
      "tag" : "",
      "roma_app_id" : "f77f5e81d9cb4424bf704ef2b0ac7690",
      "domain_name" : "www.sss.com",
      "id" : "3a955b791bd24b1c9cd94c745f8d1aad",
      "status" : 1,
      "arrange_necessary" : 2,
      "register_time" : "2020-08-02T15:56:52.286099413Z",
      "update_time" : "2020-08-02T15:56:52.286099715Z",
      "group_name" : "api_group_001",
      "group_version" : "V1",
      "run_env_name" : "",
      "run_env_id" : "",
      "publish_id" : "",
      "publish_time" : "",
      "roma_app_name" : "app-dfge",
      "ld_api_id" : "",
      "backend_api" : null,
      "api_group_info" : {
        "id" : "c77f5e81d9cb4424bf704ef2b0ac7600",
        "name" : "api_group",
        "status" : 1,
        "sl_domain" : "c77f5e81d9cb4424bf704ef2b0ac7600.apic.****.com",
        "register_time" : "2020-08-02T15:56:52Z",
        "update_time" : "2020-08-02T15:56:52Z",
        "on_sell_status" : 2,
        "url_domains" : [ {
          "id" : "e91b83b07744e8eb1872d695ed4743b",
          "domain" : "domain.com",
          "cname_status" : 3,
          "ssl_id" : "ddsa83b07744e8eb1872d695ed4743b",
          "ssl_name" : "certificate",
          "min_ssl_version" : "TLSv1.1"
        } ],
        "sl_domain_access_enabled" : true
      },
      "mock_info" : {
        "remark" : "",
        "result_content" : "mock success",
        "version" : "m1",
        "authorizer_id" : "",
        "status_code" : 200,
        "header" : [ ],
        "id" : "e74bbc75825c4c38ae84ccab6bdc6175",
        "register_time" : "2020-08-02T15:56:52.301790367Z",
        "status" : 1,
        "update_time" : "2020-08-02T15:56:52.301790686Z"
      },
      "func_info" : null,
      "req_params" : [ ],
      "backend_params" : [ ],
      "policy_functions" : null,
      "policy_mocks" : [ ],
      "policy_https" : null
    }

Status code: 400

Bad Request

{
  "error_code" : "APIG.2011",
  "error_msg" : "Invalid parameter value,parameterName:name. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3019",
  "error_msg" : "The function URN does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code

Description

201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.