Adds a consumer on which a gateway performs authentication operations.
Debugging
Authorization information
The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action
policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:
- Operation: the value that you can use in the Action element to specify the operation on a resource.
- Access level: the access level of each operation. The levels are read, write, and list.
- Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level,
All Resources
is used in the Resource type column of the operation.
- Condition Key: the condition key that is defined by the cloud service.
- Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
Operation | Access level | Resource type | Condition key | Associated operation |
---|---|---|---|---|
mse:AddGatewayAuthConsumer | create | *All Resources * |
| none |
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
GatewayUniqueId | string | Yes | The unique ID of the gateway. | gw-c70622ff52fe49beb29bea9a6f52**** |
Name | string | Yes | The name of the consumer. | name |
Type | string | Yes | The authentication type. Valid values:
| JWT |
EncodeType | string | No | The encryption type. Valid values:
| RSA |
Jwks | string | No | The JWT public key. The JSON format is supported. | {"keys":[{"e":"AQAB","kid":"DHFbpoIUqrY8t2zpA2qXfCmr5VO5ZEr4RzHU_-envvQ","kty":"RSA","n":"xAE7eB6qugXyCAG3yhh7pkDkT65pHymX-P7KfIupjf59vsdo91bSP9C8H07pSAGQO1MV_xFj9VswgsCg4R6otmg5PV2He95lZdHtOcU5DXIg_pbhLdKXbi66GlVeK6ABZOUW3WYtnNHD-91gVuoeJT_DwtGGcp4ignkgXfkiEm4sw-4sfb4qdt5oLbyVpmW6x9cfa7vs2WTfURiCrBoUqgBo_-4WTiULmmHSGZHOjzwa8WtrtOQGsAFjIbno85jp6MnGGGZPYZbDAa_b3y5u-YpW7ypZrvD8BgtKVjgtQgZhLAGezMt0ua3DRrWnKqTZ0BJ_EyxOGuHJrLsn00fnMQ"}]} |
TokenName | string | No | The names of the parameters that are required to verify each token. By default, each token is prefixed with Bearer and stored in the Authorization header, such as | Authorization |
TokenPass | boolean | No | Specifies whether to enable pass-through. | true |
TokenPosition | string | No | The positions of the parameters that are required to verify each token. By default, each token is prefixed with Bearer and stored in the Authorization header, such as | HEADER |
TokenPrefix | string | No | The prefixes of the parameters that are required to verify each token. By default, each token is prefixed with Bearer and stored in the Authorization header, such as | Bearer |
KeyName | string | No | The name of the key used for JWT-based identity authentication. | iss |
KeyValue | string | No | The value of the key used for JWT-based identity authentication. | abcd |
Description | string | No | The description of the consumer. | description |
AcceptLanguage | string | No | The language of the response. Valid values:
| zh |
Response parameters
Examples
Sample success responses
JSON
format
{
"RequestId": "69AD2AA7-DB47-449B-941B-B14409DF****",
"Success": true,
"Code": 200,
"ErrorCode": "mse-100-000",
"HttpStatusCode": 200,
"Message": "The request is successfully processed.\n",
"DynamicCode": "code",
"DynamicMessage": "The specified parameter is invalid.",
"Data": 2
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | IllegalRequest | Invalid request:%s | Invalid request: %s |
400 | InvalidParameter | Parameter error:%s | Request parameter error: %s |
403 | NoPermission | You are not authorized to perform this operation:%s | You do not have the permission to use this interface:%s |
404 | NotFound | Not found:%s | The resource does not exist:%s |
500 | InternalError | Console error. Try again later:%s | Console error. Try again later: %s |
For a list of error codes, visit the Service error codes.
Change history
Change time | Summary of changes | Operation |
---|---|---|
2024-02-23 | The internal configuration of the API is changed, but the call is not affected | View Change Details |