iii. publicKey: Used to verify and resolve (parse) the Token, which is generated by the AS. An example publicKey, in JSON Web Key (JWK) format, is shown at the end of this page.

The other parameters are configured in the same way as for common APIs and are not described here.

  
Whether you are creating or modifying an API, the configured KeyId and publicKey take effect only after the API is released.

 
 

For service APIs, you must configure the parameter that carries the Token.

As shown in the preceding figure, the parameter corresponding to the Token is the parameter in which the Consumer sends the id_token when calling the API. The API gateway identifies, verifies, and resolves this parameter.
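The check described above, as an added Go example that is not code from this guide or from the API gateway product: one function plays the AS and issues an id_token, and VerifyIDToken plays the gateway, which looks up the configured KeyId and publicKey, checks that the token's kid header matches the KeyId, verifies the signature with the publicKey and resolves the claims (the user information that is passed on to the backend). It assumes the publicKey is an RSA JWK with kty, kid, n and e fields as in the example on this page, that the id_token is a compact JWS signed with RS256, and that the AS puts the KeyId into the token's kid header. The key pair, the KeyId "example-key-1", the claims and the two rejected tokens (a rewritten payload under the original signature, and a token whose kid is not the configured KeyId) are all constructed for the example and go a little beyond the page by showing what the gateway must refuse.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"strings"
)

// JWK is the JSON form of the publicKey a Provider configures on the gateway (kty, kid, n, e).
type JWK struct {
	Kty string `json:"kty"`
	Kid string `json:"kid"`
	N   string `json:"n"`
	E   string `json:"e"`
}

var b64 = base64.RawURLEncoding

// publicJWK renders an RSA public key as the JWK that the gateway stores.
func publicJWK(kid string, pub *rsa.PublicKey) JWK {
	e := big.NewInt(int64(pub.E)).Bytes()
	return JWK{Kty: "RSA", Kid: kid, N: b64.EncodeToString(pub.N.Bytes()), E: b64.EncodeToString(e)}
}

// issueIDToken is the AS side: RS256 over header.payload, with the KeyId in the JOSE header.
func issueIDToken(priv *rsa.PrivateKey, kid string, claims map[string]interface{}) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "kid": kid})
	body, _ := json.Marshal(claims)
	signingInput := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	digest := sha256.Sum256([]byte(signingInput))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return signingInput + "." + b64.EncodeToString(sig), nil
}

// VerifyIDToken is the gateway side: check the token's kid against the configured KeyId, verify
// the signature with the configured publicKey and resolve the claims forwarded to the backend.
func VerifyIDToken(token, keyID string, key JWK) (map[string]interface{}, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("id_token is not a compact JWS")
	}
	hdrBytes, e1 := b64.DecodeString(parts[0])
	payload, e2 := b64.DecodeString(parts[1])
	sig, e3 := b64.DecodeString(parts[2])
	nb, e4 := b64.DecodeString(key.N) // modulus and exponent come from the configured JWK
	eb, e5 := b64.DecodeString(key.E)
	if e1 != nil || e2 != nil || e3 != nil || e4 != nil || e5 != nil || key.Kty != "RSA" {
		return nil, fmt.Errorf("id_token segments or publicKey are not valid base64url / RSA JWK")
	}
	var hdr struct{ Alg, Kid string } // pin alg and KeyId to the configuration; never trust the header alone
	if json.Unmarshal(hdrBytes, &hdr) != nil || hdr.Alg != "RS256" || hdr.Kid != keyID || key.Kid != keyID {
		return nil, fmt.Errorf("header alg/kid %q/%q do not match configured RS256/%q", hdr.Alg, hdr.Kid, keyID)
	}
	pub := &rsa.PublicKey{N: new(big.Int).SetBytes(nb), E: int(new(big.Int).SetBytes(eb).Int64())}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	var claims map[string]interface{}
	if err := json.Unmarshal(payload, &claims); err != nil {
		return nil, err
	}
	return claims, nil
}

// Demo runs the whole exchange with a key pair, KeyId and claims constructed for this example
// and reports the resolved subject plus whether a rewritten payload and a wrong KeyId were rejected.
func Demo() (subject string, tamperedRejected, wrongKidRejected bool, err error) {
	const keyID = "example-key-1" // constructed, not the guide's KeyId
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", false, false, err
	}
	pubKey := publicJWK(keyID, &priv.PublicKey)
	token, errIssue := issueIDToken(priv, keyID, map[string]interface{}{"sub": "user-42", "name": "alice"})
	claims, err := VerifyIDToken(token, keyID, pubKey) // a bad token from the AS also fails here
	if errIssue != nil || err != nil {
		return "", false, false, fmt.Errorf("issue: %v, verify: %v", errIssue, err)
	}
	subject, _ = claims["sub"].(string)
	parts := strings.Split(token, ".")
	forged, _ := json.Marshal(map[string]string{"sub": "someone-else"}) // original signature over a new payload
	_, tErr := VerifyIDToken(parts[0]+"."+b64.EncodeToString(forged)+"."+parts[2], keyID, pubKey)
	_, kErr := VerifyIDToken(token, "other-key", pubKey) // API is configured with a different KeyId
	return subject, tErr != nil, kErr != nil, nil
}

func main() {
	fmt.Println(Demo())
}
```

The gateway-side function deliberately takes the expected algorithm and KeyId from its own configuration rather than from the token header; the header is only compared against that configuration, which is what makes a token signed under another key, or with a payload altered after signing, fail before any claims reach the backend.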

 

 

The corresponding parameter must also be defined in the Input parameter definition area. Otherwise, an error message is displayed, as shown in the following figure.

 

Configuring custom system parameters: For a service API, custom system parameters can be configured on the Define API backend server tab. An example is shown in the following figure.

 
Example publicKey (the JWK referred to in item iii above):

{
  "kty": "RSA",
  "kid": "88483727556929326703309904351185815489",
  "alg": "ES256",
  "n": "ie0IKvKLd7Y3izHcZemdDsVVXg5QtWtGF7XEkILnn66R2_3a30DikqV409OVL7Hv0ElACgCaBLEgZeGHTcdLE1xxDTna8MMBnBNuMVghvFERCKh8uzpxlQsfcnFd5IFdJWj1x5Tscetrow6lA3h5zYx0rF5TkZzC4DclxgDmITRam0dsHBxr3uk9m9YYBz2mX0ehjY0px7vIo7hZH2J3gODEPorIZkk3x8GPdlaA4P9OFAO4au9-zcVQop9vLirxdwDedk2p-F9GP6UiQC9V2LTWqkVw_oPBf9Rlh8Qdi19jA8SeCfzAxJZYlbOTK8dYAFAVEFsvXCFvdaxQefwWFw",
  "e": "AQAB"
}

API Gateway

User Guide for Providers

22
