You can send an HTTP GET request to the endpoint of the CDN API to call the API. You must reference the API Reference and specify the parameters in the request when you call the API. After the server receives the request, it returns a response to you.

Structure of a request

The CDN API uses RPC. You can send HTTP GET requests to call CDN API operations. CDN supports both HTTP and HTTPS requests. For data security, we recommend that you send HTTPS requests. All requests and responses are UTF-8 encoded. The structure of the requests is as follows:

https://Endpoint/?Action=xx&Version=xx&Parameters
  • Endpoint: the endpoint of the CDN API is cdn.aliyuncs.com.
  • Action: the action that you want to perform. For example, you can set the parameter to AddCdnDomain to add a CDN domain name.
  • Version: the version of the CDN API. The current CDN API version is 2018-05-10.
  • Parameters: the request parameters. Separate multiple parameters with ampersands (&). Request parameters include common request parameters and custom request parameters. Common parameters include the API version number and identity verification information. For more information, see Common parameters.

The following example shows how to call the StartCdnDomain operation to enable a CDN domain name:

Note The sample requests are presented in an easy-to-read form in this document.
http://cdn.aliyuncs.com?Action=StartCdnDomain
&DomainName=example.com
&Format=XML
&AccessKeyId=xxx
&SignatureMethod=HMAC-SHA1
&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf
&Version=2018-05-10
&SignatureVersion=1.0
...

Request signature

CDN will verify the identity of the request sender for each API request. No matter you send the request over HTTP or HTTPS, you must include the signature information in the request. For more information about the signature calculation process, see RPC API signatures.

CDN uses the AccessKey ID and AccessKey Secret to implement symmetric encryption and verify the identity of a request sender. An AccessKey pair is an identity credential provided to Alibaba Cloud accounts and RAM user accounts. It is similar to a pair of username and password.

Note
  • An AccessKey ID is used to identify a user.
  • An AccessKey Secret is used to calculate the signature on the client and verify the signature on the server. You must keep your AccessKey Secret confidential.

You can create an AccessKey pair for your Alibaba Cloud account and RAM user account. When you call API operations, you must use the AccessKey pair to complete identity verification. If the AccessKey information of your Alibaba Cloud account is disclosed, the security of your resources will be threatened. Therefore, we recommend that you use your RAM user account to call operations. This reduces the risk of disclosing the AccessKey information of your Alibaba Cloud account. For more information, see Create an AccessKey.

In the following example, the StartCdnDomain operation is called. The AccessKeyId is testid and the AccessKeySecret is testsecret. Before the request is signed, its URL is as follows:

http://cdn.aliyuncs.com?Action=StartCdnDomain&DomainName=example.com
&Format=XML
&AccessKeyId=testid
&SignatureMethod=HMAC-SHA1
&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf
&Version=2018-05-10
&SignatureVersion=1.0

The signature string calculated by using testsecret& is as follows:

YGOjauEr2WSn6scXDxc9X0DKwsM=

Add the Signature parameter to the request and set the value to the calculated signature string. The URL of the signed request is as follows:

http://cdn.aliyuncs.com?Action=StartCdnDomain&DomainName=example.com
&Format=XML
&AccessKeyId=testid
&SignatureMethod=HMAC-SHA1
&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf
&Version=2018-05-10
&SignatureVersion=1.0
&Signature=YGOjauEr2WSn6scXDxc9X0DKwsM=

Alibaba Cloud CDN provides the following sample code for signature calculation: