The APP is created by the gateway. After the APP is authorized by the API, the authorized API may be accessed by the APP. The APP contains the information of AppKey and AppSecret. The AppKey and AppSecret are used for computing signature when the users select the APP verification.

1. As the status identification of the API gateway requester, the AppKey and AppSecret are automatically allocated in creation. In case of the APP verification mode, the AppSecret is acquired for computing signature in request.
2. The AppKey and AppSecret with APP have all authorized API access authorities. In case of leakage, other users may access the currently authorized API. If the leakage of APP information is found, the console supports the resetting operation of AppSecret, and the user should complete verification via SMS.
3. The user may have multiple APPs, and the API may be authorized to different APPs according to different requirements.
4. The operations supported by APP include APP creation, modification, deletion, details view, key management, API authorization, etc.

Create APP

• Each user may create a maximum of 30 applications by default, and the limited quantity may be added by submission of work orders.
• The globally unique AppId is generated after the application creation. The AppId consists of 10 digits, e.g.1000000047.

Query and Delete Operations of APP

In the APP list page, it supports the paging view of created APPs, including the APP name, creation time, description information, and corresponding details, edition and deletion functions.

Manage APP Key

• The AppKey and AppSecret information of APP may be displayed in the AppKey management interface.
• The display operation of AppSecret requires SMS verification.
• In case of APP information leakage, the AppSecret may be reset and a new AppSecret is generated.

Authorize API

The API released by the gateway is authorized to APP for access. The APP of users should obtain the API authorization to call the API.

Click "Authorize" in the API list page to authorize the API.

• The authorization operation currently supports the authorization for three environments of API.
• When authorizing, we may designate the expiration time of authorization. The authorization time may be set as a permanent or a specified date. After authorization time expires, the APP access is not supported.
• The gateway supports the operation of authorizing multiple APP at one time.

The query of authorizable APP support a variety of queries:

• To directly query the user's APP.
• To directly query the existing APPs by application of ID, including query of the APPs of other users.
• The APP may be authorized by user ID query, and the batch authorization of multiple APPs is supported.

After authorization, we may view the authorized APP information in the API details page. The batch cancellation of authorization is supported here. The following information is mainly displayed: ID and name of authorized APP, authorization environment, authorization time, and valid time of authorization.

In the APP management page, all the API information authorized to the APP is displayed for convenient view.