Preparation
Before calling APIs in App authentication mode, complete the following operations:
- Obtain the domain name, request URL, and request method of the API.
View the settings by choosing API Call > API Request on the API details page.
- Publish the API in an environment before you can access it.
View the environment in which the API is published on the API Request page.
- Provide a valid AppKey and AppSecret to generate an authentication signature.
Create an app on the Apps page and bind it to the API. Then you can use the AppKey and AppSecert of the app to access the API. View the AppKey and AppSecret on the app details page.
- AppKey: access key ID of the app. It is the unique ID associated with a secret access key. The AppKey and AppSecret are together used to obtain an encrypted signature for a request.
- AppSecret: secret access key used together with an AppKey to sign requests. The AppKey and AppSecret can be together used to identify a request sender to prevent the request from being modified.
- When sending an API request, add the current time to the X-Sdk-Date header and the signature information to the Authorization header.
The local time on the client must be synchronized with the clock server to avoid a large error in the value of the X-Sdk-Date request header.
API Gateway checks the time format and compares the time with the time when API Gateway receives the request. If the time difference exceeds 15 minutes, API Gateway will reject the request.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot