- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Instance Management
- Service Management
- Creating API
- API Creation Overview
- Creating APIs Connecting to the Public URL/IP Backend
- Creating APIs Connecting to the VPC Resource Backend
- Creating APIs Connecting to the SCF Backend
- Creating API for Interconnecting Backend with COS
- Creating APIs Connecting to the Mock Backend
- Creating APIs Connecting to the TSF Backend
- Importing APIs
- API Management
- Calling API
- Release and Access
- Custom Domain Name and Certificate
- Usage Plan
- Backend Upstream
- Verification and Security
- Log Statistics
- Access Monitoring
- API Doc Generator
- Application Management
- Permission Management
- Precautions
- Private IP Ranges and Public VIPs of API Gateway Regions
- Plugin Usage
- Practical Tutorial
- Making Serverless Service Available quickly through API Gateway
- Integrating WAF to API Gateway for Security Protection
- Accessing Resources in IDC via API Gateway Dedicated Instance
- Quick Access to TEM Application via API Gateway
- Integrating ECDN to API Gateway for Acceleration
- API Gateway Providing the Access Capability for TKE
- Migrating from Region A to Region B
- Development Guide
- API Documentation
- Legacy Features
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
- Release Notes and Announcements
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Instance Management
- Service Management
- Creating API
- API Creation Overview
- Creating APIs Connecting to the Public URL/IP Backend
- Creating APIs Connecting to the VPC Resource Backend
- Creating APIs Connecting to the SCF Backend
- Creating API for Interconnecting Backend with COS
- Creating APIs Connecting to the Mock Backend
- Creating APIs Connecting to the TSF Backend
- Importing APIs
- API Management
- Calling API
- Release and Access
- Custom Domain Name and Certificate
- Usage Plan
- Backend Upstream
- Verification and Security
- Log Statistics
- Access Monitoring
- API Doc Generator
- Application Management
- Permission Management
- Precautions
- Private IP Ranges and Public VIPs of API Gateway Regions
- Plugin Usage
- Practical Tutorial
- Making Serverless Service Available quickly through API Gateway
- Integrating WAF to API Gateway for Security Protection
- Accessing Resources in IDC via API Gateway Dedicated Instance
- Quick Access to TEM Application via API Gateway
- Integrating ECDN to API Gateway for Acceleration
- API Gateway Providing the Access Capability for TKE
- Migrating from Region A to Region B
- Development Guide
- API Documentation
- Legacy Features
- FAQs
- Service Level Agreement
- Contact Us
- Glossary
Scenario
This document describes how to use the application-enabled authentication mode for the authentication management of your APIs in JavaScript.
Operation Directions
1. In the API Gateway console, create an API and select the authentication type as App authentication. To learn more about the authentication types, please find the documentation for different types of backends in Creating API - Overview.
2. Release the service where the API resides to an environment. See Service Release and Deactivation.
3. Create an application on the Application page in the console.
4. Select the created application in the application list, click Bind API, select the service and API, and click Submit to bind the application to the API.
5. Generate signing information in JavaScript by referring to the Sample Code.
Environmental Dependencies
API Gateway provides sample codes with the request body in JSON format and form-data format. Please select as needed.
Note
For more information on operations such as application lifecycle management, authorizing an app to access the API, and binding an app with an API, please see Application Management.
For the application signature generation process, please see Application Authentication.
Sample Code
Sample codes with the request body in JSON format
const https = require('https')const crypto = require('crypto')// Application's `ApiAppKey`const apiAppKey = 'APIDLIA6tMfqsinsadaaaaaaaapHLkQ1z0kO5n5P'// Application ApiAppSecretconst apiAppSecret = 'Dc44ACV2Da3Gm9JVaaaaaaaaumYRI4CZfVG8Qiuv'const dateTime = new Date().toUTCString()const body = {arg1: 'a',arg2: 'b',}const md5 = crypto.createHash('md5').update(JSON.stringify(body), 'utf8').digest('hex')const contentMD5 = Buffer.from(md5).toString('base64')const options = {hostname: 'service-xxxxxxxx-1234567890.gz.apigw.tencentcs.com',port: 443,path: '/data',method: 'POST',headers: {Accept: 'application/json','Content-Type': 'application/json','Content-MD5': contentMD5,'Content-Length': JSON.stringify(body).length,'x-date': dateTime,},}const signingStr = [`x-date: ${dateTime}`,options.method,options.headers.Accept,options.headers['Content-Type'],contentMD5,options.path,].join('\\n')const signing = crypto.createHmac('sha1', apiAppSecret).update(signingStr, 'utf8').digest('base64')const sign = `hmac id="${apiAppKey}", algorithm="hmac-sha1", headers="x-date", signature="${signing}"`options.headers.Authorization = signconst req = https.request(options, (res) => {console.log(`STATUS: ${res.statusCode}`)res.on('data', (chunk) => {console.log('BODY: ' + chunk)})})req.on('error', (error) => {console.error(error)})req.write(JSON.stringify(body))req.end()
Sample code with the request body in form-data format
const https = require('https')const crypto = require('crypto')const querystring = require('querystring')const url = require('url')// Application's `ApiAppKey`const apiAppKey = 'APIDLIA6tMfqsinsadaaaaaaaapHLkQ1z0kO5n5P'// Application ApiAppSecretconst apiAppSecret = 'Dc44ACV2Da3Gm9JVaaaaaaaaumYRI4CZfVG8Qiuv'const dateTime = new Date().toUTCString()const body = {arg1: 'a',arg2: 'b',}const contentMD5 = ''const options = {hostname: 'service-xxxxxxxx-1234567890.gz.apigw.tencentcs.com',port: 443,path: '/data',method: 'POST',headers: {Accept: 'application/json','Content-Type': 'application/x-www-form-urlencoded','x-date': dateTime,},}// Splicing form parameter and query parameter and sort them according to the dictionaryconst parsedPath = url.parse(options.path, true)const sortedQueryParams = sortQueryParams({ ...body, ...parsedPath.query })const signingStr = buildSignStr(sortedQueryParams)const signing = crypto.createHmac('sha1', apiAppSecret).update(signingStr, 'utf8').digest('base64')const sign = `hmac id="${apiAppKey}", algorithm="hmac-sha1", headers="x-date", signature="${signing}"`options.headers.Authorization = sign// Send the requestconst req = https.request(options, (res) => {console.log(`STATUS: ${res.statusCode}`)res.on('data', (chunk) => {console.log('BODY: ' + chunk)})})req.on('error', (error) => {console.error(error)})req.write(querystring.stringify(body))req.end()function sortQueryParams(body) {const keys = Object.keys(body).sort()let signKeys = []for (let i = 0; i < keys.length; i++) {signKeys.push(keys[i])}// Sort in lexicographical orderreturn signKeys.sort()}function buildSignStr(sorted_body) {const keyStr = sorted_body.map((item) => {return `${item}=${body[item]}`}).join('&')return [`x-date: ${dateTime}`,options.method,options.headers.Accept,options.headers['Content-Type'],contentMD5,`${parsedPath.pathname}${keyStr ? `?${keyStr}` : ''}`,].join('\\n')}
Yes
No
Was this page helpful?