invoke an HTTP function by using HTTP requests - Function Compute

Function Compute supports HTTP triggers, allowing functions to be executed via HTTP requests. This topic explains how to set up an HTTP trigger in the Function Compute console and initiate it using HTTP requests.

Prerequisites

Creating a Function

Step 1: Create a trigger

Log on to the Function Compute console. In the left-side navigation pane, click Functions.
In the top navigation bar, select a region. On the Functions page, click the function that you want to manage.
On the function details page, click the Configurations tab. In the left-side navigation pane, click Triggers. Then, click Create Trigger.

In the Create Trigger panel, enter the required information, and then click OK.

Configuration Item	Operation	Example in This Topic
Trigger Type	Select HTTP Trigger.	HTTP Trigger
Name	Enter a custom trigger name.	http-trigger
Version Or Alias	The default value is LATEST. If you need to create a trigger for another version or alias, you must first select the version from the Version Or Alias drop-down list on the function details page. For more information about versions and aliases, see Version Management and Alias Management.	LATEST
Request Method	Specify the methods that can be used to trigger the HTTP trigger.	GET, POST, PUT, DELETE
Disable Public Access URL	The default selection is No, which allows public domain name access to the trigger. If you select Yes, the created HTTP trigger will not provide a default public domain name. In this case, if you invoke the function through a public domain name, an error message `access denied due to function internet URL is disable` will be displayed. However, access through a custom domain name is not affected.	No
Authentication Method	Select the authentication method for HTTP requests in Function Compute. The following options are available: No Authentication: No identity authentication is required for HTTP requests. Anonymous access is supported, and anyone can initiate an HTTP request to invoke your function. Signature Authentication: Identity authentication is required for HTTP requests. For sample code on signature authentication, see Access HTTP Trigger Address by Signature. JWT Authentication: JWT authentication is required for HTTP requests. For more information, see Configure JWT Authentication for HTTP Trigger.	No Authentication

Once created, you can adjust the HTTP trigger's settings as needed, including Version Or Alias, Request Method, Disable Public Access URL, and Authentication Method.

Step 2: Write and deploy code

After setting up the HTTP trigger, you can proceed to write the function code.

On the function details page, click the Code tab. Write your code in the editor, and then click Deploy Code . For sample code, refer to the request handler documentation for various runtimes in the Function Compute documentation under Operation Guide > Code Development .

Step 3: Test the function

Method 1: Test the function in the console

On the Function Details page, click the Code tab.

Synchronous Invocation

Click Test Function.
Asynchronous Invocation

Click the Test Function icon on the right, select Asynchronous Invocation, and then click Test Function.

After execution, the execution result can be viewed on the Code tab.

Method 3: Test the function by using cURL

On the function details page, click the Configuration tab. In the left-side navigation pane, select Triggers. Copy the public access address from the HTTP trigger's configuration for the following test.

Synchronous Invocation

Run the following command in the command line. Replace https://example.cn-shenzhen.fcapp.run with your HTTP trigger public access address, and replace $path with the name of the API interface you need to invoke.

curl -v https://example.cn-shenzhen.fcapp.run/$path

Note

Invoke a web function: For example, with Flask, if you want to test a Python function with a route defined as @app.route('/test'), replace $path with test. For a route defined as @app.route('/'), directly use the HTTP trigger public access address.
Invoke an event function: Directly use the HTTP trigger public access address.

After execution, Function Compute returns the execution result.

Asynchronous Invocation

Execute thefollowing command in the command line, substituting https://example.cn-shenzhen.fcapp.run with your HTTP trigger's public access address and $path with the API interface name you want to call.

curl -v -H "X-Fc-Invocation-Type: Async" https://http-***.cn-shenzhen.fcapp.run/$path

Note

Invoke a web function: Using Flask as an example, if you're testing a Python function with a route defined as @app.route('/test'), replace $path with test. If the route is defined as @app.route('/'), simply use the HTTP trigger public access address.
Invoke an event function: Use the HTTP trigger public access address directly.

Upon completion, Function Compute will return a status code of 202, indicating successful request submission. Other status codes signify errors during invocation. For detailed error explanations, see FAQ (Troubleshooting).

Method 3: (Not Recommended) Test the function by using a browser

On the function details page, click the Configuration tab. In the left-side navigation pane, select Triggers. Copy the public access address from the HTTP trigger's configuration, enter it into the browser's address bar, and press Enter to execute.
Once executed, the browser will display the execution result.

(Optional) Use API Gateway to protect functions

By default, Function Compute does not authenticate HTTP requests, allowing anonymous access. To prevent unauthorized access and potential security risks, you can enable authentication and connect HTTP functions to API Gateway, using its IP-based access control, JWT authentication, or BasicAuth plugins.

In the Function Compute console, locate the desired function. On the function details page, click the Configuration tab. In the left-side navigation pane, select Triggers, and then click Edit.
In the Edit Trigger panel, set Disable Public Access URL to Yes.
Log on to the API Gateway console and switch to the region where your HTTP function is located.
Create a group and an API to allow external applications to invoke your function services in a controlled manner. API groups help organize and manage multiple APIs, facilitating the implementation of unified security policies and traffic control.

Create an API that enables external applications to call internal function services in a specified manner. Organize and manage multiple related APIs using API groups, which simplifies the enforcement of unified security policies and traffic control measures.
1. In the API Gateway console, navigate to API Management > Group Management in the left-side navigation pane, and click Create Group.
2. In the Create Group dialog box, select Instance, enter Group Name as FC-Group, and BasePath as /. Click OK.
3. Click Create API. In the Basic Information section, configure the necessary details and click Next.
4. In the Define API Request section, set Request Path as /. Keep other settings as default and click Next.
5. In the Define API Backend Service section, set Trigger Path as the internal network access address of the Function Compute trigger https://***-***.cn-hangzhou-vpc.fcapp.run. Follow the instructions shown in the figure and click Next.
6. In the Define Return Result section, maintain the default system configuration and click Create. Once created successfully, click Publish in the API operation column.
Debug the API using API Gateway's online debugging tool to ensure it functions correctly before official release. Successful debugging indicates that the API is properly connected to Function Compute.
1. In the API Gateway console, go to API Invocation > Debug in the left-side navigation pane.
2. On the debugging page, select the FC-test API and click Send Request. If the following information appears, the configuration is successful.
Create a Backend Signature plugin. Set key and secret to your Alibaba Cloud account's AccessKey ID and AccessKey Secret, respectively. Then, bind the plugin to the API you created. For more details, see Plugin Overview.
Point your domain name to the second-level domain provided by API Gateway using CNAME.
1. In the API Gateway console, select API Management > Group Management from the left-side navigation pane, and copy the public second-level domain name.
2. Navigate to your domain name management page. For Alibaba Cloud, the entry is: https://dns.console.aliyun.com. On the domain name list page, find the domain you want to manage and click the link to enter its management page.
  
  Independent domain names in the Chinese mainland region must be filed with
  Note
  Independent domain names in the Chinese mainland region must be filed with Alibaba Cloud ICP filing or have the filing accessed by Alibaba Cloud.
3. In the API Gateway console, go to API Management > Group Management in the left-side navigation pane, and enter the Independent Domain area. In the bottom right corner of the page, click the button to bind your domain name. After entering your domain name, click OK to complete the binding process.

After completing the above steps, your HTTP function can be accessed using your own domain name. Additionally, you can create and bind the following plugins to your API for enhanced security:

Troubleshooting

The following errors may occur:

Request errors: These occur when a request fails to meet specific requirements, resulting in an HTTP status code 4xx in the response.
Function errors: These occur when there is an issue with the function code, leading to an HTTP status code 5xx.

The table below describes scenarios for request and function errors, helping you troubleshoot based on the causes of the errors.

Error Type	HTTP Status Code	Cause Analysis	Is Charged
Request Error	400	Your request exceeded the limits on HTTP requests. For more information, see HTTP Trigger Overview.	No
	400	The request for a function that requires identity authentication does not contain date or authorization information.	No
	403	The signature of the request for a function that requires identity authentication is invalid, which indicates the authorization information is invalid. Date is used to calculate a signature, and the signature is valid only for 15 minutes. If you use an HTTP trigger that requires access authentication, the signature becomes invalid if the date information in the request header is generated for over 15 minutes.	No
	403	Your request uses a request method that is not configured in the HTTP trigger. For example, if you send an HTTP request by using the POST method, but the GET method, instead of the POST method, is configured in the HTTP trigger, this error occurs.	No
	404	An HTTP request is sent to a function that does not use an HTTP handler.	No
User Traffic Throttling	429	The user is throttled. You can reduce the concurrency or contact the Function Compute development team to increase the concurrency.	No
Function Error	502	The return value of the function exceeds the limits on HTTP responses. For more information, see HTTP Trigger Overview.	Yes
	502	The code of a function contains a syntax error or an exception.	Yes
	502	An HTTP request is sent to a function that does not use an HTTP handler.	Yes
System Error	500	A Function Compute system error occurred. You can retry to resolve the issue.	No
System Traffic Throttling	503	A Function Compute system throttling error occurred. You can retry in exponential backoff mode.	No

If the issue persists, join the DingTalk user group (DingTalk group number: 64970014484) and contact Function Compute engineers for assistance..