To send an Alibaba Cloud CDN API request, you must send an HTTP GET request to the Alibaba Cloud CDN endpoint. You must add the request parameters that correspond to the API operation being called. After you call the API, the system returns a response. The request and response are encoded in UTF-8.
Alibaba Cloud CDN API operations use the RPC protocol. You can call Alibaba Cloud CDN API operations by sending HTTP GET requests. Alibaba Cloud CDN supports both HTTP and HTTPS requests. For data security, we recommend that you send HTTPS requests. All requests and responses are UTF-8 encoded. The request syntax is as follows:
- Endpoint: the endpoint of the Alibaba Cloud CDN API is cdn.aliyuncs.com.
- Action: the name of the operation being performed. For example, to add an accelerated domain, you must set the Action parameter to AddCdnDomain.
- Version: the version of the Alibaba Cloud CDN API. Set the value to 2018-05-10.
- Parameters: the request parameters for the operation. Separate multiple parameters with ampersands
&). Request parameters include both common parameters and operation-specific parameters. Common parameters are used for all Alibaba Cloud CDN API calls regardless of the operation. For more information, see Common parameters.
The following example demonstrates how to call the StartCdnDomain operation in Alibaba Cloud CDN.
http://cdn.aliyuncs.com?Action=StartCdnDomain &DomainName=example.com &Format=XML &AccessKeyId=xxx &SignatureMethod=HMAC-SHA1 &SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf &Version=2018-05-10 &SignatureVersion=1.0 ...
You must sign all API requests to ensure security. Alibaba Cloud uses the request signature to verify the identity of the API caller.
Alibaba Cloud CDN implements symmetric encryption with an AccessKey pair to verify
the identity of the request sender. An AccessKey pair consists of an
AccessKey ID and an
AccessKey secret. An AccessKey pair is an identity credential issued to Alibaba Cloud accounts and
RAM users, which is similar to a logon username and password.
AccessKey IDis used to verify the identity of the user.
AccessKey secretis used to encrypt and verify the signature string. You must keep your AccessKey secret strictly confidential.
You can create an AccessKey pair for your Alibaba Cloud account or RAM user. When you call API operations, you must use the AccessKey pair to complete identity verification. If the AccessKey pair of your Alibaba Cloud account is disclosed, the security of your resources will be threatened. Therefore, we recommend that you use your RAM user to call operations. This reduces the risk of disclosing the AccessKey pair of your Alibaba Cloud account. For more information, see Create an AccessKey.
In the following example, the StartCdnDomain operation is called. The
AccessKey ID is
testid and the
AccessKey secret is
testsecret. Before the request is signed, its URL is as follows:
http://cdn.aliyuncs.com?Action=StartCdnDomain&DomainName=example.com &Format=XML &AccessKeyId=testid &SignatureMethod=HMAC-SHA1 &SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf &SignatureVersion=1.0
The signature string calculated by using
testsecret& is as follows:
Add the signature string to the request as the Signature parameter. The URL of the signed request is as follows:
http://cdn.aliyuncs.com?Action=StartCdnDomain&DomainName=example.com &Format=XML &AccessKeyId=testid &SignatureMethod=HMAC-SHA1 &SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf &SignatureVersion=1.0 &Signature=YGOjauEr2WSn6scXDxc9X0DKwsM=
Alibaba Cloud CDN provides the following sample code for signature calculation: