When you call an API, API Gateway uses the AppKey and AppSecret to calculate the encrypted signature for identity verification.
In API Gateway, you must use an app as your identity to call an API. During app creation, the system automatically assigns an AppKey and AppSecret which is used for the server to verify your identity.
Either the HTTP or HTTPS request must include signature information. The AppKey indicates your identity. The AppSecret is used to encrypt and verify the signature string on the server. For more information about the methods of calculating and passing the encrypted signature, see Portal and Protocol.