To send an Anti-DDoS Origin API request, you must send an HTTP GET request to the Anti-DDoS Origin endpoint. You must add the request parameters that correspond to the API operation being called. After you call the API operation, the system returns a response. The request and response are encoded in UTF-8.

Request syntax

Anti-DDoS Origin API operations use the RPC protocol. You can call Anti-DDoS Origin API operations by sending HTTP GET requests.

The request syntax is as follows:
https://Endpoint/?Action=xx&Parameters
where:
  • Endpoint: the endpoint of the Anti-DDoS Origin API operation.
    Endpoint Supported regions
    ddosbgp.aliyuncs.com
    • Mainland China
      • China (Hangzhou): cn-hangzhou
      • China (Shanghai): cn-shanghai
      • China (Qingdao): cn-qingdao
      • China (Beijing): cn-beijing
      • China (Zhangjiakou): cn-zhangjiakou
      • China (Hohhot): cn-huhehaote
      • China (Ulanqab): cn-wulanchabu
      • China (Shenzhen): cn-shenzhen
      • China (Heyuan): cn-heyuan
      • China (Chengdu): cn-chengdu
    • International regions
      • UK (London): eu-west-1
      • Germany (Frankfurt): eu-central-1
      • Japan (Tokyo): ap-northeast-1
      • Australia (Sydney): ap-southeast-2
      • Malaysia (Kuala Lumpur): ap-southeast-3
      • Indonesia (Jakarta): ap-southeast-5
      • India (Mumbai): ap-south-1
      • UAE (Dubai): me-east-1
      • Russia (Moscow): rus-west-1
    ddosbgp.cn-hongkong.aliyuncs.com China (Hong Kong): cn-hongkong
    ddosbgp.ap-southeast-1.aliyuncs.com Singapore: ap-southeast-1
    ddosbgp.us-west-1.aliyuncs.com US (Silicon Valley): us-west-1
    ddosbgp.us-east-1.aliyuncs.com US (Virginia): us-east-1
  • Action: the name of the operation being performed. For example, to query the details of Anti-DDoS Origin instances, you must set the parameter to DescribeInstanceList.
  • Version: the version number of the API. Set the value to 2017-11-20.
  • Parameters: the request parameters for the operation. Separate multiple parameters with ampersands (&).

    Request parameters include both common parameters and operation-specific parameters. Common parameters are used for all Anti-DDoS Origin API calls regardless of the operation. For more information, see Common parameters.

The following example demonstrates how to call the DescribeInstanceList operation in Anti-DDoS Origin:
Note To improve readability, the API request is displayed in the following format.
https://ddosbgp.aliyuncs.com/?Action=DescribeOnDemandInstance
&DdosRegionId=cn-hangzhou
&InstanceId=ddosbgp-cn-xxx
&Format=xml
&Version=2017-11-20
&Signature=xxxx%xxxx%3D
&SignatureMethod=HMAC-SHA1
&SignatureNonce=15215528852396
&SignatureVersion=1.0
&AccessKeyId=key-test
&TimeStamp=2012-06-01T12:00:00Z

API authorization

To ensure the security of your Alibaba Cloud account, we recommend that you call the Anti-DDoS Origin API as a RAM user. Before you use the credentials of the RAM user to call the Anti-DDoS Origin API, you must create and assign appropriate permissions to the user.

API signature

You must sign all API requests to ensure security. Alibaba Cloud uses the request signature to verify the identity of the API caller, regardless if an HTTP request or an HTTPS request is used.

When you call an RPC API, you must add the signature to your request in the following format:
https://endpoint/?SignatureVersion=1.0&SignatureMethod=HMAC-SHA1&Signature=CT9X0VtwR86fNWSnsc6v8YGOjuE%3D&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf