All Products
Search

This Product

    Mobile Platform as a Service:Introduction to gateway management

    Document Center

    Mobile Platform as a Service:Introduction to gateway management

    Last Updated:Feb 04, 2026

    The gateway management page includes settings for feature toggles, result code customization, operation records, and link analysis.

    Feature toggles

    Feature toggles are global settings that allow you to temporarily enable or disable all API-related features.

    Signature verification

    This feature verifies the signature of requests from the client to the mobile gateway to authenticate the caller's identity and ensure security. This feature is enabled by default.

    Timestamp for signature verification

    When signature verification is enabled, this setting lets you customize the validity period of the timestamp. This prevents API signature verification failures that are caused by timestamp timeouts. These timeouts can occur when a user's device time is incorrect, for example, if the user sets the clock back.

    Currently, the maximum validity period for the signature verification timestamp is 10 years (5,256,000 minutes).

    API rate limiting

    API rate limiting lets you set limits for individual APIs, a default rate limit for all APIs, and a total rate limit for an application. This prevents backend servers from being overwhelmed during peak traffic. If both a default API rate limit and a total application rate limit are set, the lower limit takes precedence.

    API Mock

    This feature lets you mock an API's return value to provide a specific response. This feature is disabled by default.

    API authorization

    Before the gateway routes a client request to the backend service, this feature validates the request. The request is forwarded only if it passes validation. This feature is disabled by default.

    For more information, see API authorization.

    Data encryption

    This feature encrypts requests from the client to the mobile gateway to ensure data security during transmission. This feature is disabled by default. The supported encryption algorithms are ECC and RSA. This feature must be used in conjunction with the client. If the client's data encryption method does not match the method configured on the gateway, the gateway cannot parse the client request.

    For more information, see Data encryption.

    CORS

    Cross-origin resource sharing (CORS) lets you control cross-domain access using rules. You can configure these rules to support cross-origin requests.

    For more information, see Cross-origin resource sharing.

    Result code customization

    Gateway result codes have default message text. This feature lets you customize the result code messages as needed.

    On the Manage gateway tab page, click Customize result code to go to the customization page.

    Operation records

    Record and display configuration staff's operations on the gateway, thus making it convenient for the customers to trace back.

    Developer Tools

    The Trace analysis tool analyzes a TraceId to retrieve the request time and the gateway server that processed it.