All Products
Search

This Product

    Logic Composer:Execute workflows by using an AccessKey pair for authentication

    Document Center

    Logic Composer:Execute workflows by using an AccessKey pair for authentication

    Last Updated:Feb 20, 2024

    Logic Composer provides SDKs for you to execute workflows. When you use an SDK to execute a workflow, you can set an AccessKey pair for authentication to ensure security.

    A custom request trigger of Logic Composer provides the following methods to execute a workflow with or without authentication. If no authentication is required, the SDK obtains the endpoint of the corresponding trigger to execute the workflow. If you use an AccessKey pair for authentication, perform the operations in the Procedure section of this topic.

    Procedure

    1. Obtain the workflow path. Log on to the Logic Composer console. In the left-side navigation pane, click Workflows. On the Workflows page, click the desired workflow. On the page that appears, click the Workflow tab. In the message that appears, click Cancel. In the Select Trigger dialog box, select Request. Then, click When a HTTP request is received to show the details about the trigger. Select AccessKey for Authentication. Find Path and click Copy to copy the workflow path that is used to call the trigger.

    2. Grant permissions to the Resource Access Management (RAM) user.

    If you use an AccessKey pair of a RAM user for access, grant the required permissions to the RAM user in advance. For more information, see Grant permissions to a RAM user.

    3. Use an SDK to execute the workflow.

    Important

    • The AccessKey pair of an Alibaba Cloud account has permissions on all API operations. Using the AccessKey pair to perform operations is a high-risk operation. We recommend that you use a RAM user to call API operations or perform routine O&M.

    • We recommend that you do not save the AccessKey ID and the AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and the security of all resources within your account may be compromised.

    • In the following examples, the AccessKey pair is set to environment variables to implement authentication. For more information about how to configure environment variables, see Configure credentials.

    • In the following examples, ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variables are used.

    Java

    • Add dependencies

    Add Maven dependencies to the pom.xml file.

    <dependency>
  <groupId>com.aliyun</groupId>
  <artifactId>aliyun-java-sdk-core</artifactId>
  <version>4.0.3</version>
</dependency>

    • Sample code

    import com.aliyuncs.CommonRequest;
import com.aliyuncs.CommonResponse;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.IAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.exceptions.ServerException;
import com.aliyuncs.http.FormatType;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
public class TestJavaSDK {
    public static void main(String[] args) {
        // Specify an endpoint in request.setDomain.
        // We recommend that you do not save the AccessKey ID and the AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and the security of resources within your account may be compromised.
        DefaultProfile profile = DefaultProfile.getProfile("default", System.getenv("ALIBABA_CLOUD_ACCESS_KEY_ID"), System.getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET"));
        IAcsClient client = new DefaultAcsClient(profile);
        CommonRequest request = new CommonRequest();
        request.setProtocol(ProtocolType.HTTPS);
        request.setMethod(MethodType.POST);
        request.setDomain("lc.<regionId>.aliyuncs.com");
        request.setVersion("2019-09-25");
        // Note: Replace <Path> with the workflow path obtained in Step 1.
        request.setUriPattern("<Path>");
        // Set parameters based on the workflow requirements.
        request.putQueryParameter("RegionId", "us-east-1");
        request.putHeadParameter("Content-Type", "application/json");
        // Set the request body based on the workflow requirements. Note that the request body must be a JSON string.
        String requestBody = "";
        request.setHttpContent(requestBody.getBytes(), "utf-8", FormatType.JSON);
        try {
            CommonResponse response = client.getCommonResponse(request);
            System.out.println(response.getData());
        } catch (ServerException e) {
            e.printStackTrace();
        } catch (ClientException e) {
            e.printStackTrace();
        }
    }
}

    Go

    • Sample code

    package main
import (
	"fmt"
  "os"
	"github.com/aliyun/alibaba-cloud-sdk-go/sdk"
	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/requests"
)
func main() {
  // Specify an endpoint in request.Domain.
  // We recommend that you do not save the AccessKey ID and the AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and the security of resources within your account may be compromised.
	client, err := sdk.NewClientWithAccessKey("default", os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_ID"), os.Getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET"))
	if err != nil {
		panic(err)
	}
	request := requests.NewCommonRequest()
	request.Method = "POST"
	request.Scheme = "https" // https | http
	request.Domain = "lc.<regionId>.aliyuncs.com"
	request.Version = "2019-09-25"
  // Note: Replace <Path> with the workflow path obtained in Step 1.
	request.PathPattern = "<Path>"
  request.Headers["Content-Type"] = "application/json"
  // Set the parameter based on the workflow requirements.
  request.QueryParams["RegionId"] = "us-east-1"
  // Set the request body based on the workflow requirements. Note that the request body must be a JSON string.
	body := ``
	request.Content = []byte(body)
	response, err := client.ProcessCommonRequest(request)
	if err != nil {
		panic(err)
	}
	fmt.Print(response.GetHttpContentString())
}

    Python

    • Sample code

    #!/usr/bin/env python
#coding=utf-8
import os
from aliyunsdkcore.client import AcsClient
from aliyunsdkcore.request import CommonRequest
# Specify an endpoint in request.set_domain.
# We recommend that you do not save the AccessKey ID and the AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and the security of resources within your account may be compromised.
client = AcsClient(os.getenv('ALIBABA_CLOUD_ACCESS_KEY_ID'), os.getenv('ALIBABA_CLOUD_ACCESS_KEY_SECRET'), 'default')
request = CommonRequest()
request.set_accept_format('json')
request.set_method('POST')
request.set_protocol_type('https') # https | http
request.set_domain('lc.<regionId>.aliyuncs.com')
request.set_version('2019-09-25')
# Note: Replace <Path> with the workflow path obtained in Step 1.
request.set_uri_pattern('<Path>')
# Set the parameters based on the workflow requirements.
request.add_query_param('RegionId', "us-east-1")
request.add_header('Content-Type', 'application/json')
# Set the request body based on the workflow requirements. Note that the request body must be a JSON string.
body = ''''''
request.set_content(body.encode('utf-8'))
response = client.do_action_with_exception(request)
# python2:  print response
print(str(response, encoding = 'utf-8'))

    Ruby

    # gem install aliyunsdkcore
require 'aliyunsdkcore'
# We recommend that you do not save the AccessKey ID and the AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and the security of resources within your account may be compromised.
client = ROAClient.new(
  access_key_id: ENV['ALIBABA_CLOUD_ACCESS_KEY_ID'],
  access_key_secret: ENV['ALIBABA_CLOUD_ACCESS_KEY_SECRET'],
  endpoint: 'https://lc.<regionId>.aliyuncs.com',
  api_version: '2019-09-25'
)
response = client.request(
  method: 'POST',
  # Note: Replace <Path> with the workflow path obtained in Step 1.
  uri: '<Path>',
  # Set the parameters based on the workflow requirements.
  queries: {
    "RegionId": "cn-hangzhou",
  },
  headers: {
    "Content-Type": "application/json"
  },
  # Set the request body based on the workflow requirements. Note that the request body must be a JSON string.
  body: ``,
  options: {}
)
print response

    Node.js

    • Add dependencies

    npm install @alicloud/pop-core

    • Sample code

    var ROAClient = require('@alicloud/pop-core').ROAClient;
// We recommend that you do not save the AccessKey ID and the AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and the security of resources within your account may be compromised.
var client = new ROAClient({
  accessKeyId: process.env.ALIBABA_CLOUD_ACCESS_KEY_ID,
  accessKeySecret: process.env.ALIBABA_CLOUD_ACCESS_KEY_SECRET,
  endpoint: 'https://lc.<regionId>.aliyuncs.com',
  apiVersion: '2019-09-25',
});
async function test() {
  try {
    var res = await client.request(
      'POST',
      '<Path>', // Note: Replace <Path> with the workflow path obtained in Step 1.
      {}, // Set parameters based on the workflow requirements.
      '<request body>', // Set the request body based on the workflow requirements. Note that the request body must be a JSON string.
      {
        'content-type': 'application/json',
      }
    );
    console.log('invoke workflow: ', res);
  } catch (err) {
    console.error(err);
  }
}
test().then();

    For more information about the input parameters of operations used by the SDKs, see @alicloud/pop-core.

    Supported regions

    You can use an AccessKey pair for authentication in the following supported regions. Note that the endpoints that are required when you use this feature are different from those of the management API operations of Logic Composer. Use the endpoints of the regions in the following table.

    Region

    Region ID

    Endpoint

    China (Shanghai)

    cn-shanghai

    https://lc.cn-shanghai.aliyuncs.com

    US (Virginia)

    us-east-1

    https://lc.us-east-1.aliyuncs.com

    Singapore

    ap-southeast-1

    https://lc.ap-southeast-1.aliyuncs.com