- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Instance Management
- Service Management
- Creating API
- API Creation Overview
- Creating APIs Connecting to the Public URL/IP Backend
- Creating APIs Connecting to the VPC Resource Backend
- Creating APIs Connecting to the SCF Backend
- Creating API for Interconnecting Backend with COS
- Creating APIs Connecting to the Mock Backend
- Creating APIs Connecting to the TSF Backend
- Importing APIs
- API Management
- Calling API
- Release and Access
- Custom Domain Name and Certificate
- Usage Plan
- Backend Upstream
- Verification and Security
- Log Statistics
- Access Monitoring
- API Doc Generator
- Application Management
- Permission Management
- Precautions
- Private IP Ranges and Public VIPs of API Gateway Regions
- Plugin Usage
- Practical Tutorial
- Making Serverless Service Available quickly through API Gateway
- Integrating WAF to API Gateway for Security Protection
- Accessing Resources in IDC via API Gateway Dedicated Instance
- Quick Access to TEM Application via API Gateway
- Integrating ECDN to API Gateway for Acceleration
- API Gateway Providing the Access Capability for TKE
- Migrating from Region A to Region B
- Development Guide
- API Documentation
- Legacy Features
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Instance Management
- Service Management
- Creating API
- API Creation Overview
- Creating APIs Connecting to the Public URL/IP Backend
- Creating APIs Connecting to the VPC Resource Backend
- Creating APIs Connecting to the SCF Backend
- Creating API for Interconnecting Backend with COS
- Creating APIs Connecting to the Mock Backend
- Creating APIs Connecting to the TSF Backend
- Importing APIs
- API Management
- Calling API
- Release and Access
- Custom Domain Name and Certificate
- Usage Plan
- Backend Upstream
- Verification and Security
- Log Statistics
- Access Monitoring
- API Doc Generator
- Application Management
- Permission Management
- Precautions
- Private IP Ranges and Public VIPs of API Gateway Regions
- Plugin Usage
- Practical Tutorial
- Making Serverless Service Available quickly through API Gateway
- Integrating WAF to API Gateway for Security Protection
- Accessing Resources in IDC via API Gateway Dedicated Instance
- Quick Access to TEM Application via API Gateway
- Integrating ECDN to API Gateway for Acceleration
- API Gateway Providing the Access Capability for TKE
- Migrating from Region A to Region B
- Development Guide
- API Documentation
- Legacy Features
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
Overview
This document describes how to call the key pair authentication API.
Prerequisites
Creating key pair authentication API
1. In the API Gateway console, create an API and select the authentication type as "key pair authentication" (for more information, see API Creation Overview).
2. Release the service where the API resides to an environment. See Service Release and Deactivation.
3. Create a key pair on the key management page in the console.
4. Create a usage plan on the usage plan page in the console and bind it to the created key pair (for more information, see Sample Usage Plan).
5. Bind the usage plan to the API or the service where the API resides.
Confirming information
Before calling the API, you must have the
SecretId and SecretKey of the API to be called and understand the API request path, method, and parameters.Preparing tools
You can initiate requests from sources including browsers, browser plugins, Postman, and clients. Postman is recommended for simple validation.
Sample Call
Address
http://service-xxxxxxxx-1234567890.ap-guangzhou.apigateway.myqcloud.com/release// Enter the URL of the API service you want to call
URL concatenation rule: service path + environment parameter + API path
Methods
POST
Request body
QueryParam_a=value1&QueryParam_b=value2
Request headers
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8Accept-Language: zh-cnConnection: Keep-AliveHost: service-xxxxxxxx-1234567890.ap-guangzhou.apigateway.myqcloud.com/releaseUser-Agent: Mozila/4.0(compatible;MSIE5.01;Window NT5.0)Accept-Encoding: gzip,deflateContent-Type: application/x-www-form-urlencoded;charset=utf-8// Request body type, which should be set according to the actual request body content.X-Client-Proto: httpX-Client-Proto-Ver: HTTP/1.1X-Real-IP: 163.xxx.xx.244X-Forwarded-For: 106.xxx.xx.102, 163.xxx.xx.244Date: Sun, 21 Sep 2017 06:18:21 GMTAuthorization: hmac id="AKIDCgXXXXXXXX48pN", algorithm="hmac-sha1", headers="Date Host", signature="630123456789da9c"// Signature. For specific signature algorithms, see the key calculation method in authentication and security
The eventually delivered HTTP request contains at least two headers:
Date or X-Date and Authorization. More optional headers can be added in the request. If Date is used, the server will not check the time; if X-Date is used, the server will check the time.The value of
Date header is the construction time of the HTTP request in GMT format, such as Fri, 09 Oct 2015 00:00:00 GMT.The value of
X-Date header is the construction time of the HTTP request in GMT format, such as Mon, 19 Mar 2018 12:08:40 GMT. It cannot deviate from the current time for more than 15 minutes.For the value of
Authorization header, see Key Pair Authentication. For sample signatures generated in different programming languages, see API Gateway.Response Processing
Response code
Response Code | Description |
200 ≤ code < 300 | Success |
300 ≤ code < 400 | Redirect, which requires subsequent operations to complete the request |
400 ≤ code < 500 | Client error |
code > 500 | Server error |
Response headers
Content-Type: text/html; charset=UTF-8Content-Length: 122Date: Sun, 21 Sep 2017 06:46:04 GMTServer: squid/3.5.20Connection: closeSet-Cookie:1P_JAR=2017-09-18-06; expires=Mon, 25-Sep-2017 06:46:04 GMT; path=/; domain=.qq.comX-Secret-ID:AKIDXXXXXXXX48pN// `secret_id` in key pairX-UsagePlan-ID:XXXXXXXX// ID of the usage plan bound to the key pairX-RateLimit-Limit:500// Throttling configuration in the usage planX-RateLimit-Used:100/125// Throttling usage in the usage plan
Yes
No
Was this page helpful?