检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Options: NONE: no authentication APP: App authentication IAM: IAM authentication AUTHORIZER: Custom authentication group_name String Name of the API group to which the API belongs. publish_id String API publication record ID. throttle_apply_id String ID of a request throttling policy
Authentication Mode App and IAM authentication is supported. You can also choose not to authenticate requests. App: Requests will be authenticated by APIG. This authentication mode is recommended. IAM: Requests will be authenticated by IAM.
Table 1 Common practices Practice Description Developing a Custom Authorizer with FunctionGraph In addition to IAM and app authentication, APIG also supports custom authentication with your own authentication system, which can better adapt to your business capabilities.
NONE APP IAM AUTHORIZER match_mode String API matching mode. SWA: Prefix match. NORMAL: Exact match.
NONE APP IAM AUTHORIZER match_mode String API matching mode. SWA: Prefix match. NORMAL: Exact match.
Specify an account ID (not IAM user ID) for an API with IAM authentication. For details, see Obtaining an Account Name and Account ID. Threshold The maximum number of times an API can be called by the tenant within a specified period.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
If the authentication mode of the target API has been set to None or IAM, you do not need to create apps to call this API. Creating an App Access the shared gateway console. In the navigation pane, choose API Calling > Apps. Click Create App, and configure the app information.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details on API calling authentication, see Authentication. The following is an example response.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
Figure 1 Process of using APIG Using IAM to Grant Access to APIG Create a user and grant APIG permissions with IAM. If the preset permissions do not meet requirements, you can create custom policies.
Permission API New Action Related Action IAM Project Enterprise Project Deleting multiple request throttling policies POST /v2/{project_id}/apigw/instances/{instance_id}/throttles/batch-delete apig:throttles:delete - √ √ From September 2024, if users use custom policies to access
Solution For details, see Incorrect IAM authentication information: verify aksk signature fail.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
