Bu sayfa henüz yerel dilinizde mevcut değildir. Daha fazla dil seçeneği eklemek için yoğun bir şekilde çalışıyoruz. Desteğiniz için teşekkür ederiz.
- What's New
- Function Overview
- Product Bulletin
- Service Overview
- Billing
- Getting Started
-
User Guide
- Process of Using APIG
- Creating a User and Granting APIG Permissions
- Creating a Gateway
- Opening APIs
- (Optional) Configuring Authorization for API Calling
- Calling APIs
-
Managing APIs
- Overview
- Viewing or Modifying API Information
- Configuring Custom API Authentication
- Configuring API Parameter Orchestration Rules
- Customizing Error Response for APIs
- Cloning an API
- Taking an API Offline
- Importing and Exporting APIs
-
API Design File Extension Definitions
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-is-send-fg-body-base64
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- x-apigateway-auth-opt
- x-apigateway-result-normal-sample
- x-apigateway-result-failure-sample
- x-apigateway-authorizer
- x-apigateway-response
- x-apigateway-responses
- x-apigateway-pass-through
- x-apigateway-sample
- x-apigateway-content-type
- x-apigateway-orchestrations
- Configuring API Policies
- Configuring a Credential Policy
- Managing APIG Gateways
- Viewing Metrics and Configuring Alarms
- Viewing Audit Logs
- Shared Gateway (for Existing Users)
-
Best Practices
- Overview
-
API Openness
- Selectively Exposing CCE Workloads with a Dedicated Gateway
- Selectively Exposing Service Capabilities of a Data Center Using a Dedicated Gateway
- Exposing Backend Services Across VPCs Using a Dedicated Gateway
- Routing gRPC Service Requests Using a Dedicated Gateway
- Forwarding WebSocket Service Requests Using a Dedicated Gateway
- HTTP-to-HTTPS Auto Redirection with a Dedicated Gateway
- Calling Different Backend Services Using a Dedicated Gateway
- API Authentication
- API Policies
- API Security
- Developer Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Verifying the API Definition
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying VPC Channel Details
- Querying VPC Channels
- Adding or Updating Backend Instances
- Querying Backend Servers of a VPC Channel
- Updating Backend Instances
- Removing a Backend Server
- Enabling Backend Servers
- Disabling Backend Servers
- Modifying VPC Channel Health Check
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying Backend Server Groups of a VPC Channel
- Querying a Backend Server Group of a VPC Channel
- Deleting a Backend Server Group of a VPC Channel
- Updating a Backend Server Group of a VPC Channel
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Enabling Public Inbound Access
- Updating Public Inbound Access Bandwidth of a Gateway
- Disabling Public Inbound Access for a Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Modifying the Specifications of a Pay-Per-Use Gateway
- Querying Gateway Constraints
- VPC Endpoint Management
- Gateway Tag Management
- Microservice Center Management
-
SSL Certificate Management
- Querying SSL Certificates
- Creating an SSL Certificate
- Binding a Domain Name with SSL Certificates
- Unbinding a Domain Name's SSL Certificates
- Querying Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL Certificate
- Binding an SSL Certificate to a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Querying Domain Names of an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying Plug-ins
- Querying Plug-in Details
- Binding a Plug-in to APIs
- Binding an API with Plug-ins
- Unbinding a Plug-in from All APIs
- Unbinding an API's Plug-ins
- Querying APIs Bound with a Plug-in
- Querying Plug-ins Bound to an API
- Querying APIs to Which a Plug-in Can Be Bound
- Querying Plug-ins That Can Be Bound to an API
-
Credential Management
- Creating an App
- Modifying an App
- Deleting an App
- Resetting the AppSecret of an App
- Verifying an App
- Querying App Details
- Querying Apps
- Creating an AppCode
- Generating an AppCode
- Deleting an AppCode
- Querying AppCode Details
- Querying AppCodes of an App
- Querying Quotas Associated with a Credential
- Configuring Access Control Settings for an App
- Querying Access Control Details About an App
- Deleting Access Control Settings of an App
-
Credential Quota Management
- Creating a Credential Quota
- Querying Credential Quota Details
- Querying Credential Quotas
- Modifying a Credential Quota
- Deleting a Credential Quota
- Querying the Credentials Bound to a Specified Quota
- Binding a Credential Quota with Credentials
- Unbinding a Credential Quota from a Credential
- Querying Credentials That Can Be Bound to a Credential Quota
- Asynchronous Task Management
- Orchestration Rule Management
- Gateway Custom Inbound Port Management
-
Shared Gateway APIs (for Existing Users)
- API Group Management
-
API Management
- Object Model
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API
- Taking an API Offline
- Publishing Multiple APIs or Taking Multiple APIs Offline
- Querying API Details
- Querying an API List
- Querying Historical API Versions
- Taking an Effective Version of an API Offline
- Querying Details of an API Version
- Querying the Runtime Definition of an API
- Debugging an API
- App Management
- App Authorization Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
- Binding Request Throttling Policies
- Excluded Request Throttling Configuration
- Access Control Policy Management
-
Binding Access Control Policies
- Object Model
- Binding an Access Control Policy to an API
- Querying the List of Access Control Policies Bound to an API
- Querying the List of APIs Bound to an Access Control Policy
- Querying the List of APIs Not Bound to an Access Control Policy
- Unbinding an Access Control Policy from an API
- Unbinding Multiple Access Control Policies from APIs
- Querying Subscription Information in KooGallery
- Configuration Management
- Resource Query
- Signature Key Management
- Binding Signature Keys
- Domain Name Management
- VPC Channel Management
- Querying Metrics
- OpenAPI
- Custom Authorizer Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
- SDK Reference
-
FAQs
- Common FAQs
- Product Consulting FAQs
-
Opening APIs
- Why Can't I Create APIs?
- How Do I Define Response Codes for an API?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- Can I Bind Private Domain Names for API Access?
- Why Do I Fail to Call an API Across Domains?
- How Do I Use APIG to Open Up Services Deployed on Huawei Cloud?
- Publishing an API
-
Calling APIs
- What Are the Possible Causes for an API Calling Failure?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- Why Am I Seeing the Error Message "The API does not exist or has not been published in the environment" When I Call an API?
- Why Am I Seeing the Error Message "No backend available" When I Call an API?
- Why Am I Seeing the Error Message "Backend unavailable" or "Backend timeout" When I Invoke the Backend Service?
- Why Am I Seeing the Error Message "Backend domain name resolution failed" When I Invoke the Backend Service?
- Why Am I Seeing the Error Message "Incorrect IAM authentication information" When I Call an API?
- Why Am I Seeing the Error Message "Incorrect app authentication information" When I Call an API?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- Does APIG Have a Limit on the Size of the API Request Body?
- Is There a Limit on the Size of the Response to an API Request?
- How Do I Call an API Using App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- How Can I Access Backend Services over Public Networks Through APIG?
- API Authentication
-
API Policies
- Can I Configure the Maximum Number of Concurrent Requests?
- Is the Restriction of 1,000 Requests Per Day to a Debugging Domain Name Applied to Enterprise Accounts?
- Does APIG Have Bandwidth Limits?
- Why Doesn't a Request Throttling Policy Take Effect?
- How Do I Provide an Open API to Specific Users?
- Are Client IP Addresses Verified for Access Control?
- Importing and Exporting APIs
- Videos
-
More Documents
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Getting Started
- Comparing Versions
- Overview
-
API Management
- Creating an API Group
- Binding a Domain Name
- Creating an Environment Variable
- Creating a Gateway Response
- Creating an API
- Cloning an API
- CORS
- Debugging an API
- Authorizing API Access
- Publishing an API
- Taking an API Offline
-
Importing and Exorting APIs
- Restrictions and Compatibility
- Importing APIs
- Exporting APIs
-
Extended Definition
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- Viewing APIs
- HTTP 2.0
- API Policies
- Credentials
- Monitoring & Analysis
- Gateway Management
- SDKs
- Published API Calling
- Permissions Management
- Auditing
-
FAQs
- Common FAQs
-
API Creation
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App (Credential) FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- What Should I Do If the App Authentication Information Is Incorrect?
- API Control Policies
- API Publishing
- API Import and Export
- API Security
- Other FAQs
- Change History
- Developer Guide (Kuala Lumpur Region)
-
API Reference (Kuala Lumpur Region)
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Verifying the API Definition
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying VPC Channel Details
- Querying VPC Channels
- Adding or Updating Backend Instances
- Querying Backend Servers of a VPC Channel
- Updating Backend Instances
- Removing a Backend Server
- Enabling Backend Servers
- Disabling Backend Servers
- Modifying VPC Channel Health Check
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying Backend Server Groups of a VPC Channel
- Querying a Backend Server Group of a VPC Channel
- Deleting a Backend Server Group of a VPC Channel
- Updating a Backend Server Group of a VPC Channel
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Enabling Public Inbound Access
- Updating Public Inbound Access Bandwidth of a Gateway
- Disabling Public Inbound Access for a Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Modifying the Specifications of a Pay-Per-Use Gateway
- Querying Gateway Constraints
- VPC Endpoint Management
- Gateway Tag Management
-
SSL Certificate Management
- Querying SSL Certificates
- Creating an SSL Certificate
- Binding a Domain Name with SSL Certificates
- Unbinding a Domain Name's SSL Certificates
- Querying Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL Certificate
- Binding an SSL Certificate to a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Querying Domain Names of an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying Plug-ins
- Querying Plug-in Details
- Binding a Plug-in to APIs
- Binding an API with Plug-ins
- Unbinding a Plug-in from All APIs
- Unbinding an API's Plug-ins
- Querying APIs Bound with a Plug-in
- Querying Plug-ins Bound to an API
- Querying APIs to Which a Plug-in Can Be Bound
- Querying Plug-ins That Can Be Bound to an API
-
Credential Management
- Creating an App
- Modifying an App
- Deleting an App
- Resetting the AppSecret of an App
- Verifying an App
- Querying App Details
- Querying Apps
- Creating an AppCode
- Generating an AppCode
- Deleting an AppCode
- Querying AppCode Details
- Querying AppCodes of an App
- Querying Quotas Associated with a Credential
- Configuring Access Control Settings for an App
- Querying Access Control Details About an App
- Deleting Access Control Settings of an App
-
Credential Quota Management
- Creating a Credential Quota
- Querying Credential Quota Details
- Querying Credential Quotas
- Modifying a Credential Quota
- Deleting a Credential Quota
- Querying the Credentials Bound to a Specified Quota
- Binding a Credential Quota with Credentials
- Unbinding a Credential Quota from a Credential
- Querying Credentials That Can Be Bound to a Credential Quota
- Asynchronous Task Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
- Comparing Versions
- Overview
-
API Management
- Creating an API Group
- Importing a CCE Workload
- Binding a Domain Name
- Creating an Environment Variable
- Creating a Gateway Response
- Creating an API
- Creating a gRPC API
- Cloning an API
- CORS
- Debugging an API
- Authorizing API Access
- Publishing an API
- Taking an API Offline
-
Importing and Exorting APIs
- Restrictions and Compatibility
- Importing APIs
- Exporting APIs
-
Extended Definition
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-is-send-fg-body-base64
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- Viewing APIs
- HTTP 2.0
- API Policies
- Credentials
- Monitoring & Analysis
- Gateway Management
- SDKs
- Published API Calling
- Permissions Management
- Auditing
-
FAQs
- Common FAQs
-
API Creation
- Why Can't I Create APIs?
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App (Credential) FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- What Should I Do If the App Authentication Information Is Incorrect?
- API Control Policies
- API Publishing
- API Import and Export
- API Security
- Other FAQs
- Change History
- Developer Guide (ME-Abu Dhabi Region)
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Verifying the API Definition
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
-
VPC Channel Management
- Creating a VPC Channel
- Updating a VPC Channel
- Deleting a VPC Channel
- Querying VPC Channel Details
- Querying VPC Channels
- Adding or Updating Backend Instances
- Querying Backend Servers of a VPC Channel
- Updating Backend Instances
- Removing a Backend Server
- Enabling Backend Servers
- Disabling Backend Servers
- Modifying VPC Channel Health Check
- Adding or Updating a Backend Server Group of a VPC Channel
- Querying Backend Server Groups of a VPC Channel
- Querying a Backend Server Group of a VPC Channel
- Deleting a Backend Server Group of a VPC Channel
- Updating a Backend Server Group of a VPC Channel
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Enabling Public Inbound Access
- Updating Public Inbound Access Bandwidth of a Gateway
- Disabling Public Inbound Access for a Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Modifying the Specifications of a Pay-Per-Use Gateway
- Querying Gateway Constraints
- VPC Endpoint Management
- Gateway Tag Management
- Microservice Center Management
-
SSL Certificate Management
- Querying SSL Certificates
- Creating an SSL Certificate
- Binding a Domain Name with SSL Certificates
- Unbinding a Domain Name's SSL Certificates
- Querying Certificate Details
- Deleting an SSL Certificate
- Modifying an SSL Certificate
- Binding an SSL Certificate to a Domain Name
- Unbinding an SSL Certificate from a Domain Name
- Querying Domain Names of an SSL Certificate
-
Plug-in Management
- Creating a Plug-in
- Modifying a Plug-in
- Deleting a Plug-in
- Querying Plug-ins
- Querying Plug-in Details
- Binding a Plug-in to APIs
- Binding an API with Plug-ins
- Unbinding a Plug-in from All APIs
- Unbinding an API's Plug-ins
- Querying APIs Bound with a Plug-in
- Querying Plug-ins Bound to an API
- Querying APIs to Which a Plug-in Can Be Bound
- Querying Plug-ins That Can Be Bound to an API
-
Credential Management
- Creating an App
- Modifying an App
- Deleting an App
- Resetting the AppSecret of an App
- Verifying an App
- Querying App Details
- Querying Apps
- Creating an AppCode
- Generating an AppCode
- Deleting an AppCode
- Querying AppCode Details
- Querying AppCodes of an App
- Querying Quotas Associated with a Credential
- Configuring Access Control Settings for an App
- Querying Access Control Details About an App
- Deleting Access Control Settings of an App
-
Credential Quota Management
- This API is used to creat a credential quota.
- Querying Credential Quota Details
- Querying Credential Quotas
- Modifying a Credential Quota
- Deleting a Credential Quota
- Querying the Credentials Bound to a Specified Quota
- Binding a Credential Quota with Credentials
- Unbinding a Credential Quota from a Credential
- Querying Credentials That Can Be Bound to a Credential Quota
- Asynchronous Task Management
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
Best Practices (ME-Abu Dhabi Region)
- Selectively Exposing CCE Workloads with a Dedicated Gateway
- Selectively Exposing Service Capabilities of a Data Center Using a Dedicated Gateway
- Developing a Custom Authorizer with FunctionGraph
- Exposing Backend Services Across VPCs Using a Dedicated Gateway
- Interconnecting a Dedicated Gateway with WAF
- Request Throttling 2.0 with a Dedicated Gateway
- Two-Factor Authentication with a Dedicated Gateway
- HTTP-to-HTTPS Auto Redirection with a Dedicated Gateway
- Client Authentication with a Dedicated Gateway
- Invoking an API Policy Backend via Frontend Authentication Parameters (System Parameter)
- Forwarding WebSocket Services Using Dedicated Gateway
- Change History
- User Guide (Paris Region)
-
Developer Guide (Paris Region)
- Application Scenarios
- Calling APIs Through App Authentication
- Calling APIs Through IAM Authentication
- Creating Signatures for Backend Requests
-
Importing and Exporting APIs
- Restrictions and Compatibility
- Extended Definition
- API Import Precautions
- Examples of Importing APIs
- API Export Precautions
- Change History
-
API Reference (Paris Region)
- Before You Start
- Calling APIs
- Getting Started
-
Shared Gateway APIs
- API Group Management
-
API Management
- Object Model
- Registering an API
- Modifying an API
- Deleting an API
- Publishing an API
- Taking an API Offline
- Publishing Multiple APIs or Taking Multiple APIs Offline
- Querying API Details
- Querying an API List
- Querying Historical API Versions
- Taking an Effective Version of an API Offline
- Querying Details of an API Version
- Querying the Runtime Definition of an API
- Debugging an API
- App Management
- App Authorization Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
- Binding Request Throttling Policies
- Excluded Request Throttling Configuration
- Access Control Policy Management
-
Binding Access Control Policies
- Object Model
- Binding an Access Control Policy to an API
- Querying the List of Access Control Policies Bound to an API
- Querying the List of APIs Bound to an Access Control Policy
- Querying the List of APIs Not Bound to an Access Control Policy
- Unbinding an Access Control Policy from an API
- Unbinding Multiple Access Control Policies from APIs
- Querying Subscription Information in the Marketplace
- Resource Query
- Signature Key Management
- Binding Signature Keys
- Domain Name Management
- VPC Channel Management
- OpenAPI
- Custom Authorizer Management
- Appendix
- Change History
-
Dedicated API Gateway User Guide (Paris Region)
- Service Overview
- Getting Started
- Comparing Versions
- Overview
-
API Management
- Creating an API Group
- Binding a Domain Name
- Creating an Environment Variable
- Creating a Gateway Response
- Creating an API
- CORS
- Debugging an API
- Authorizing API Access
- Publishing an API
- Taking an API Offline
-
Importing and Exorting APIs
- Restrictions and Compatibility
- Importing APIs
- Exporting APIs
-
Extended Definition
- x-apigateway-auth-type
- x-apigateway-request-type
- x-apigateway-match-mode
- x-apigateway-cors
- x-apigateway-any-method
- x-apigateway-backend
- x-apigateway-backend.parameters
- x-apigateway-backend.httpEndpoints
- x-apigateway-backend.httpVpcEndpoints
- x-apigateway-backend.functionEndpoints
- x-apigateway-backend.mockEndpoints
- x-apigateway-backend-policies
- x-apigateway-backend-policies.conditions
- x-apigateway-ratelimit
- x-apigateway-ratelimits
- x-apigateway-ratelimits.policy
- x-apigateway-ratelimits.policy.special
- x-apigateway-access-control
- x-apigateway-access-controls
- x-apigateway-access-controls.policy
- x-apigateway-plugins
- Viewing APIs
- API Policies
- Credentials
- Monitoring & Analysis
- Gateway Management
- Published API Calling
- Permissions Management
- Auditing
-
FAQs
- Common FAQs
-
API Creation
- How Do I Define Response Codes for an API?
- How Do I Specify the Host Port for a VPC Channel (or Load Balance Channel)?
- How Do I Set the Backend Address If I Will Not Use a VPC Channel (or Load Balance Channel)?
- How Can I Configure the Backend Service Address?
- Can I Specify a Private Network Load Balancer Address for the Backend Service?
- Can I Specify the Backend Address as a Subnet IP Address?
- Does APIG Support Multiple Backend Endpoints?
- What Should I Do After Applying for an Independent Domain Name?
- Can I Bind Private Domain Names for API Access?
- Why Does an API Failed to Be Called Across Domains?
-
API Calling
- What Are the Possible Causes for an API Calling Failure?
- What Should I Do If an Error Code Is Returned During API Calling?
- Why Am I Seeing the Error Message "414 Request URI too large" When I Call an API?
- What Should I Do If "The API does not exist or has not been published in the environment." Is Displayed?
- Why Am I Seeing the Message "No backend available"?
- What Are the Possible Causes If the Message "Backend unavailable" or "Backend timeout" Is Displayed?
- Why Am I Seeing the Message "Backend domain name resolution failed" When a Backend Service Is Called?
- Why Doesn't Modification of the backend_timeout Parameter Take Effect?
- How Do I Switch the Environment for API Calling?
- What Is the Maximum Size of an API Request Package?
- How Do I Perform App Authentication in iOS System?
- Why Can't I Create a Header Parameter Named x-auth-token for an API Called Through IAM Authentication?
- App (Credential) FAQs
- Can Mobile Apps Call APIs?
- Can Applications Deployed in a VPC Call APIs?
- Does APIG Support WebSocket Data Transmission?
- Does APIG Support Persistent Connections?
- How Will the Requests for an API with Multiple Backend Policies Be Matched and Executed?
- Is There a Limit on the Size of the Response to an API Request?
- How Can I Access Backend Services over Public Networks Through APIG?
-
API Authentication
- Does APIG Support HTTPS Two-Way Authentication?
- How Do I Call an API That Does Not Require Authentication?
- Which TLS Versions Does APIG Support?
- Does APIG Support Custom Authentication?
- Will the Request Body Be Signed for Security Authentication?
- Common Errors Related to IAM Authentication Information
- API Control Policies
- API Publishing
- API Import and Export
- API Security
- Other FAQs
- Change History
- Dedicated API Gateway Developer Guide (Paris Region)
-
Dedicated API Gateway API Reference (Paris Region)
- Before You Start
- Calling APIs
-
Dedicated Gateway APIs (V2)
- API Group Management
- Environment Management
- Environment Variable Management
- Request Throttling Policy Management
-
API Management
- Creating an API
- Modifying an API
- Deleting an API
- Publishing an API or Taking an API Offline
- Querying API Details
- Querying APIs
- Debugging an API
- Publishing APIs or Taking APIs Offline
- Querying Historical Versions of an API
- Switching the Version of an API
- Querying the Runtime Definition of an API
- Querying API Version Details
- Taking an API Version Offline
- Signature Key Management
- Binding/Unbinding Signature Keys
- Binding/Unbinding Request Throttling Policies
- Excluded Request Throttling Configuration
- App Authorization Management
- Resource Query
- App Management
- Domain Name Management
- Access Control Policy Management
- Binding/Unbinding Access Control Policies
- Custom Authorizer Management
- API Import and Export
- VPC Channel Management
- Monitoring Information Query
- Group Response Management
- Tag Management
- Gateway Feature Management
- Configuration Management
-
Gateway Management
- Creating a Dedicated Gateway (Pay-Per-Use)
- Querying Dedicated Gateway Details
- Updating a Dedicated Gateway
- Querying the Creation Progress of a Dedicated Gateway
- Updating or Binding an EIP to a Dedicated Gateway
- Unbinding the EIP of a Dedicated Gateway
- Enabling Public Access for a Dedicated Gateway
- Updating the Outbound Access Bandwidth of a Dedicated Gateway
- Disabling Public Access for a Dedicated Gateway
- Querying AZs
- Querying Dedicated Gateways
- Deleting a Dedicated Gateway
- Permissions Policies and Supported Actions
- Appendix
- Change History
-
User Guide (Kuala Lumpur Region)
- General Reference
Copied.
Developing a Custom Authorizer with FunctionGraph
Scenario
In addition to IAM and app authentication, APIG also supports custom authentication with your own authentication system, which can better adapt to your business capabilities.
Custom authentication is implemented using the FunctionGraph service. You can create a FunctionGraph function so that APIG can invoke it to authenticate requests for your API. This section uses basic authentication as an example to describe how to implement custom authentication with FunctionGraph.
General Procedure
- Developing a Custom Authentication Function
Create a function for custom authentication.
- Creating a Custom Authorizer
Create a custom authorizer in APIG to connect the function.
- Creating a Custom Authentication API
Create an API with Custom authentication mode.
- Setting the Error Response
To include the context field of the function response in the API response result, modify the gateway response.
- Mapping Frontend Authentication Parameters to Backend Parameters
Add a system parameter to transfer the context information returned by the function to the backend.
- Verifying the API
Call the API and check whether the context information of the function is successfully returned.
Developing a Custom Authentication Function
Create a function on the FunctionGraph console by referring to Creating a Function for Frontend Custom Authentication.
Create a function on the FunctionGraph page according to the following table.
Parameter |
Description |
---|---|
Create With |
Select Create from scratch. |
Function Type |
Default: Event Function |
Region |
Select the same region as that of APIG. |
Project |
Projects group and isolate resources (including compute, storage, and network resources) across physical regions. A default project is provided for each Huawei Cloud region, and subprojects can be created under each default project. Users can be granted permissions to access all resources in a specific project. The selected region is used by default. |
Function Name |
Set this name as planned. |
Enterprise Project |
Enterprise projects group and manage resources across regions. Resources in enterprise projects are logically isolated. Select default. |
Agency |
An agency that delegates FunctionGraph to access other cloud services. For this example, select Use no agency. |
Runtime |
Select Python 3.6. |
After the function is created, go to the function details page. On the Code tab page, copy the following code to index.py (if you are using a dedicated gateway, for which the authorizer_context_support_num_bool parameter has been enabled, the type of value in context can be boolean or number).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
# -*- coding:utf-8 -*- import json def handler(event, context): # If the authentication information is correct, the username is returned. if event["headers"]["authorization"]=='Basic dXN****cmQ=': return { 'statusCode': 200, 'body': json.dumps({ "status":"allow", "context":{ "user_name":"user1" } }) } else: return { 'statusCode': 200, 'body': json.dumps({ "status":"deny", "context":{ "code": "1001", "message":"incorrect username or password", "authorizer_success": "false" } }) } |
Creating a Custom Authorizer
On the APIG console, choose API Policies > Custom Authorizers, click Create Custom Authorizer page, set Type to Frontend, and select the created function for Function URN.
Creating a Custom Authentication API
On the APIs page of the APIG console, create an API by referring to Creating an API. Set the authentication mode to Custom, and select the custom authorizer created in the preceding section. After modifying the API, publish it.
Setting the Error Response
If incorrect authentication information is carried in a request for the API, the response is displayed as follows:
1 |
{"error_msg":"Incorrect authentication information: frontend authorizer","error_code":"APIG.0305","request_id":"36e42b3019077c2b720b6fc847733ce9"} |
To return the field in the function's context as the API response (if you are using a dedicated gateway, for which the authorizer_context_support_num_bool parameter has been enabled, the type of value in context can be boolean or number), modify the gateway response template. On the details page of the group to which the API belongs, navigate to the Gateway Responses area on the Gateway Information tab, and click Edit. Change the status code to 401, modify the response template with the following code, and click OK (no need to add double quotes for variables of the boolean or number type):
1 |
{"code":"$context.authorizer.frontend.code","message":"$context.authorizer.frontend.message", "authorizer_success": "$context.authorizer.frontend.authorizer_success"} |
After the modification, if incorrect authentication is transferred when calling the API, the status code 401 is returned and the response result is as follows:
1 |
{"code":"1001","message":"incorrect username or password","authorizer_success": "false"} |
Mapping Frontend Authentication Parameters to Backend Parameters
If the authentication is successful, the context information returned by the function can be transferred to the backend of the API. To do this, perform the following configurations:
On the APIs page, choose More > Edit in the row that contains the API, and go to the Define Backend Request page. Add a system parameter, specify the parameter type as Frontend authentication parameter, set the parameter name to the content of the context field in the function response, and set the name and location of the backend parameter to which you want to the map the frontend authentication parameter.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot