DataService Studio supports two authentication methods for API calls: simple authentication (AppCode) and signature authentication (AppKey + AppSecret). This topic describes how to get your authentication credentials and make your first authenticated request.
Prerequisites
Before you begin, ensure that you have:
An API published to API Gateway. See Publish an API
The API's parameter definition
An app with a valid key pair (AppKey and AppSecret). See Create an app
Authorization granted to your app to call the API. See API authorization
Background information
API Gateway allows you to use SDKs to authorize apps to call APIs. You can authorize your own account, a user in your enterprise, or a third party to call APIs.
Choose an authentication method
| Method | What you send in the request header | When to use |
|---|---|---|
| Simple authentication | AppCode | Quick integration, lower security requirements |
| Signature authentication | AppKey and AppSecret | Production workloads, higher security requirements |
Set up API access
Step 1: Get the API
Obtain access to the API through one of these channels:
Alibaba Cloud Marketplace: Purchase the API, then view it in the Alibaba Cloud Marketplace console.
API provider authorization: Request authorization from the API owner, then view the API in the API Gateway console.
Step 2: Create an app
In API Gateway, apps define your calling identity. Each app has a key pair — AppKey and AppSecret — that functions like a username and password.
Create an app in API Gateway if you haven't already done so.
Step 3: Authorize the app
Authorization grants your app permission to call a specific API. The authorization method varies depending on how you obtained the API.
For details, see API authorization.
Step 4: Get your authentication credentials
Log on to the DataWorks console. In the top navigation bar, select your region. In the left-side navigation pane, choose Data Analysis and Service > DataService Studio. Select your workspace from the drop-down list and click Go to DataService Studio.
In the top navigation bar of the DataService Studio page, click Service Management.
In the left-side navigation pane, click Call APIs.
On the Call APIs page, view or copy the authentication information that is required to call APIs based on your business requirements.
Verification: The Call APIs page displays your authentication credentials. If the page is empty, confirm that your app has been authorized to call the API.
Step 5: Call the API
Send an HTTP or HTTPS request with your authentication credentials in the request header. Before you call the API, you can use examples of calling APIs in multiple languages in the API Gateway console to test the call.
For more information, see Examples on calling APIs and Enable HTTPS for an API operation.
What's next
Examples on calling APIs — multi-language SDK examples for making authenticated calls
API authorization — manage which apps can call which APIs