All Products
Search

This Product

    API Gateway:Manage consumer authorization

    Document Center

    API Gateway:Manage consumer authorization

    Last Updated:May 21, 2025

    This topic describes how to manage authorizations for API consumers to ensure that only authenticated and verified requests can access service resources.

    Authorize a consumer

    1. Log on to the Cloud-native API Gateway console.

    2. In the left-side navigation pane, click Consumers. In the top navigation bar, select a region.

    3. On the Consumer page, click the name of the desired consumer to go to the consumer details page. On the Consumer Authorization tab, click Authorization.

    4. In the Add Operation Authorization panel, configure the parameters and click OK. The following table describes the parameters.

      Parameter

      Description

      Authorization level

      API Type

      Select the type of the API. Valid values: REST API, HTTP API, WebSocket API, and AI API.

      operation, route, and API

      Effective For

      Select the gateway instance on which the configuration takes effect.

      operation and API

      Authorization Scope

      Select the object to which you want to implement access control. This parameter is set to Operation if you set the API Type parameter to REST API. This parameter is set to Route if you set the API Type parameter to HTTP API or WebSocket API. This parameter is set to API if you set the API Type parameter to AI API.

      operation, route, and API

      Effective API

      Select the API to which the operation or route belongs.

      operation and route

      Effective Version

      If versioning is enabled for the REST API, select a version. This parameter is required only if you set the API Type parameter to REST API.

      operation

      Select Interface

      Select the operation to which you want to authorize. This parameter is required only if you set the API Type parameter to REST API.

      operation

      Select Routing

      Select the route to which you want to authorize. This parameter is required only if you set the API Type parameter to HTTP API or WebSocket API.

      route

      Show Only APIs Published To This Gateway

      If this switch is turned on, only APIs that are published to this gateway instance are displayed. This parameter is required only if you set the API Type parameter to AI API.

      API

      Select API

      Select the API to which you want to authorize. This parameter is required only if you set the API Type parameter to AI API.

      API

    Revoke authorization

    1. Log on to the Cloud-native API Gateway console.

    2. In the left-side navigation pane, click Consumers. In the top navigation bar, select a region.

    3. On the Consumer page, click the name of the desired consumer. On the consumer details page, click the Consumer Authorization tab.

    4. On page that appears, perform the following operations based on the type of the API:

      • REST API

        Click the image icon to the left of the API name. In the panel that appears, click Revoke authorization in the Actions column. In the message that appears, click Revoke. To revoke multiple operations at a time, select the operations from which you want to revoke the authorization and click Batch Revoke. In the message that appears, click Revoke.

      • WebSocket API, HTTP API

        Click the image icon to the left of the API name. In the panel that appears, click Revoke authorization in the Actions column. In the message that appears, click Revoke. To revoke multiple operations at a time, select the operations from which you want to revoke the authorization and click Batch Revoke. In the message that appears, click Revoke.

    References

    For more information about how to configure authorization and authentication for a consumer to impleme secure access, see Configure consumer authorization and authentication.