When requesting an API, the app that the AppKey belongs to is unauthorized to call the API.
Factors determining authorization validity include app, API, stage, and authorization.
- If you are an open API user and use the app for testing, you must create an app on the API Gateway console. Then use the AppId to authorize the app on the API list page. For a self-testing purpose, the open API user needs to authorize the created app.
- If you bought an API, you can check the authorized APIs of this app on the app details page. If the API to be called is not authorized, authorize the expected API.
- If you use a partner’s API instead of buying one, contact your partner and provide your AppId for authorization by the API provider.
- The authorization is subject to the stage. When the app and API are in the same stage, the authorization and request must also be in the same stage. When an API is authorized in the A stage, services of the API in the B stage cannot be called. For more information about the request stage and other parameters, see API request sample.
- The most important thing is to check whether the wrong app is used or whether an incorrect API is called. Many APIs and apps exist, and sometimes they get mixed up and result in a call failure. For example, the app in the A stage is authorized, but the app in the B stage is called. Make sure all care is taken when calling the apps.