To send a Global Accelerator API request, you must send an HTTP GET request to the Global Accelerator endpoint. You must add the request parameters that correspond to the API operation being called. After you call the API operation, the system returns a response. The request and response are encoded in the UTF-8 format.

Request syntax

Global Accelerator API operations use the RPC protocol. You can call Global Accelerator API operations by sending HTTP GET requests.

The following request syntax is used:
  • Endpoint: the endpoint of the Global Accelerator API is
  • Action: the operation that you want to perform. For example, to query the information about an existing Global Accelerator instance, you must set the Action parameter to DescribeAccelerator.
  • Version: the version of the Global Accelerator API. Set the value to 2019-11-20.
  • Parameters: the request parameters for the operation. Separate multiple parameters with ampersands (&).

    Request parameters include both common parameters and operation-specific parameters. Common parameters are used for all Global Accelerator API calls regardless of the operation. For more information, see Common parameters.

The following example shows how to call the DescribeAccelerator operation in Global Accelerator.
Note The following code has been edited to ensure easy reading.

Request signature

You must sign all API requests to ensure security. Alibaba Cloud uses the request signature to verify the identity of a request sender.

You must add the signature to the RPC API request in the following format:

  • SignatureMethod: the encryption method of the signature string. Set the value to HMAC-SHA1.
  • SignatureVersion: the version of the signature encryption algorithm. Set the value to 1.0.
  • SignatureNonce: a unique, random number used to prevent replay attacks. You must use different random numbers for different requests. We recommend that you use universally unique identifiers (UUIDs).
  • Signature: the signature string generated by symmetrically encrypting the request by using the AccessKey secret.

Global Accelerator implements symmetric encryption with an AccessKey pair. This allows you to verify the identity of the request sender. An AccessKey pair is an identity credential issued to Alibaba Cloud accounts and RAM users. It is similar to a pair of username and password. An AccessKey pair consists of an AccessKey ID and an AccessKey secret. The AccessKey ID is used to verify the identity of the user. The AccessKey secret is used to encrypt the signature string. It is also used by the server to verify the signature string. The AccessKey secret must be kept confidential.

You must add the signature to the RPC API request in the following format:
DescribeAccelerator is used as an example. If the AccessKey ID is testid and the AccessKey secret is testsecret, the following sample code shows the original request URL:
To calculate the signature, perform the following steps:
  1. Build and encode a string-to-sign.
    1. Create a canonicalized query string by arranging the request parameters in alphabetical order. The request parameters include all common and operation-specific parameters except Signature.

      When you use the GET method to submit a request, the request parameters are included as a part of the URI. The request parameters follow the question mark (?) and are separated with ampersands (&).

    2. Encode the canonicalized query string in the UTF-8 format. The following table describes the encoding rules.
      Character Encoding rule
      Uppercase letters (A-Z), lowercase letters (a-z), digits (0-9), and the following special characters: hyphens (-), underscores (_), periods (.), and tildes (~) Not encoded.
      Other characters Percent encoded in the %XY format. XY represents the ASCII code of the characters in hexadecimal notation. For example, double quotation marks (") are encoded as %22.
      Extended UTF-8 characters Encoded in the %XY%ZA... format.
      Space characters Encoded as %20. Do not encode space characters as plus signs (+).

      This encoding method is similar to the encoding algorithms in the application/x-www-form-urlencoded Multipurpose Internet Mail Extensions (MIME) format. For example, the class provided by the Java standard library uses the MIME format.

      You can encode spaces based on the encoding rule for the standard library. Then, you can replace the plus sign (+) in the encoded string with %20, the asterisk (*) with %2A, and %7E with the tilde (~). You can use the following percentEncode method to apply this algorithm.

      private static final String ENCODING = "UTF-8";
      private static String percentEncode(String value) throws UnsupportedEncodingException 
      return value != null ? URLEncoder.encode(value, ENCODING).replace("+", "%20").replace("*", "%2A").replace("%7E", "~") : null;
    3. Concatenate the encoded parameter names and values with equal signs (=).
    4. Arrange the parameter name and value pairs concatenated by equal signs based on the order specified in Step i, and connect them with ampersands (&) to produce the canonicalized query string.
  2. Calculate the hash-based message authentication code (HMAC) value of the string-to-sign.
    Add an ampersand (&) to the end of the AccessKey secret, and use the result as the key to calculate the HMAC value. In this example, the key is testsecret&.
  3. Add the signature string to the request as the Signature parameter.