edit-icon download-icon


Last Updated: Apr 16, 2018

Request structure

SLB APIs belong to the RPC type. You can call SLB APIs by sending HTTP requests.

The request structure is as follows:



  • Endpoint is the entry of the Alibaba Cloud service to call. The generic endpoint of SLB is slb.aliyuncs.com. For more information, see SLB endpoints.

  • Action is the action to perform. For example, use the DescribeLoadBalancers action to query created SLB instances.

  • Parameters are request parameters separated by ampersands (&).

    Request parameters consist of common parameters and API specific parameters. Common parameters include VPI version, credentials and so on.

    The API version of SLB is 2014-05-15.

The following is an example using the DescribeLoadBalancers API to query the created SLB instances:


To make it easy to read, the API request is displayed in the following format in the document:

  1. https://slb.aliyuncs.com/?Action=DescribeLoadBalancers
  2. &Format=xml
  3. &Version=2014-05-15
  4. &Signature=xxxx%xxxx%3D
  5. &SignatureMethod=HMAC-SHA1
  6. &SignatureNonce=15215528852396
  7. &SignatureVersion=1.0
  8. &AccessKeyId=key-test
  9. &Timestamp=2012-06-01T12:00:00Z

SLB endpoints

The following table lists the SLB endpoints in each region.

Note: If a region is not listed, use the generic SLB endpoint.

Region Endpoint
Other regions slb.aliyuncs.com
China (Zhangjiakou) slb.cn-zhangjiakou.aliyuncs.com
China (Hohhot) slb.cn-huhehaote.aliyuncs.com
Japan (Tokyo) slb.ap-northeast-1.aliyuncs.com
Australia (Sydney) slb.ap-southeast-2.aliyuncs.com
Malaysia (Kuala Lumpur) slb.ap-southeast-3.aliyuncs.com
Indonesia (Jakarta) slb.ap-southeast-5.aliyuncs.com
India (Mumbai) slb.ap-south-1.aliyuncs.com
UAE (Dubai) slb.me-east-1.aliyuncs.com
Germany (Frankfurt) slb.eu-central-1.aliyuncs.com

API authorization

For the security of your account, we recommend that you use a RAM user to call APIs. Before using a RAM user to call an API, you must grant the RAM user the corresponding permission to call the API by creating an authorization policy and attaching the policy to the RAM user.

For more information, see RAM authentication.

API signature

To ensure the security of your API, you must sign the API request. Alibaba Cloud uses the signature in the request to verify the identity of the person who calls the API.

Each time you manually call an API, you must use the AccessKey secret to calculate the HMAC value of the encoded and sorted request string as defined RFC 2104. The calculated HMAC value is the value of the signature parameter in the request.

Note: Alibaba Cloud provides multiple SDKs and third-party SDKs to make the manual signature process more efficient.

Add the signature to the API request in the following format:


Take the DescribeLoadBalancers as an example. If the AccessKey ID is testid, and the AccessKey Secret is testsecret, and the original request URL is as follows:


Follow these steps to calculate the signature:

  1. Use the request parameters to create a canonicalized query string to sign.

    The constructed string to sign is as follows:

    1. GET&%2F&AccessKeyId%3Dtestid&Action%3DDescribeLoadBalancers&Format%3DXML&SignatureMethod%3DHMAC-SHA1&SignatureNonce%3D3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf&SignatureVersion%3D1.0&Timestamp%3D2016-02-23T12%253A46%253A24Z&Version%3D2014-05-26
  2. Calculate the HMAC value of the string to sign.

    Append an ampersand to the AccessKey secret as the key to calculate the HMAC value. In this example, the key is testsecret&.

    The calculated signature in this example is as follows:


  3. Add the signature to the request URL.

    The final request URL is as follows:

    http://slb.aliyuncs.com/?Action=DescribeLoadBalancers &SignatureVersion=1.0 SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf &Version=2014-05-15 &AccessKeyId=testid &Signature=CT9X0VtwR86fNWSnsc6v8YGOjuE%3D &SignatureMethod=HMAC-SHA1&Timestamp=2016-02-23T12%3A46%3A24Z &Format=XML&

Thank you! We've received your feedback.