Call Instructions

Last Updated：2020-10-20

Overview

The domain name of the BCE CDN API interface is http://cdn.baidubce.com. All interfaces use /v2 as the prefix. The interface specification follows the BCE standard, uses HTTP protocol communication and supports HTTP1.0/1.1. Support PUT, POST, GET and DELETE request methods of HTTP.

General Agreement

Coding and Data Formats

JSON format is used for data exchange, Content-Type is application/json style, and all the request/response body content uses UTF-8 coding.

Date and Time

There are various methods to express date and time. For the purpose of unification, unless there are conventions or corresponding specifications, all fields expressing date and time specified in the HTTP standard utilize GMT, and UTC time for other places expressing date and time. The users should follow ISO 8601, and the following restrictions are made:

Fields expressing the date all utilize the YYYY-MM-DD format, e.g. 2014-06-01 which means June 1, 2014.
Fields expressing time all utilize the hh:mm:ss format, with the capital letter Z added at the end, which means UTC time. E.g. 23:00:10Z means UTC time: 23:0:10.
When the date and time is combined, the capital letter T is added between the two items, e.g. 2014-06-01T23:00:10z means UTC time: 23:00:10 on June 1, 2014.

Use the above format for time-related numeric types in the BCE CDN API, which is called the Timestamp type.

Normalized String

Generally, one string can include any Unicode character. In programming, this kind of flexibility will bring about numerous troubles. Therefore, the concept of "normalized string" is introduced. One normalized string only includes the percent-encoding characters and URI (Uniform Resource Identifier) unreserved characters. RFC 3986 stipulates that "URI non-reserved characters" include the following characters: Letters (A-Z, a-z), numbers (0-9), hyphen (-), dot mark (.), underline (_), tilde (~). The method to change any string into a normalized string is:

To convert strings into UTF-8 encoded byte stream.
To keep all "URI non-reserved characters" unchanged.
To make the Percent-encoding specified in RFC 3986 once for the rest bytes, namely, two sexadecimal strings representing the byte value are behind one "%". All the letters are in upper case. Example: Original string: This is an example for test Corresponding specification string: this%20is%20an%20example%20for%20%E6%B5%8B%E8%AF%95

When requesting, you have to UrlEncode the Value of Querystring, as shown below:

public static String uri-encode(CharSequence input, boolean encodeSlash) { 
          StringBuilder result = new StringBuilder() 
          for (int i = 0; i < input.length(); i++) { 
              char ch = input.charAt(i); 
              if ((ch >= 'A' && ch <= 'Z') || (ch >= 'a' && ch <= 'z') || (ch >= '0' && ch <= '9') || ch == '_' || ch == '-' || ch == '~' || ch == '.') { 
                  result.append(ch) 
              } else if (ch == '/') { 
                  result.append(encodeSlash ? "%2F" : ch) 
              } else { 
                  result.append(toHexUTF8(ch)) 
              } 
          } 
          return result.toString() 
}

Coding Specification

The parsable contents and all request/response body contents are currently encoded with UTF-8, and more encoding types will be supported in the future.
When a request is conducted, you have to perform UrlEncode for the Value of QueryString.

Signature Authentication

This CDN API will authenticate every access request to ensure security for users. Access Key and request signature mechanism are adopted for security authentication. Access Key consists of Access Key ID (AK for short) and Secret Access Key (SK for short), both of which are strings, and it is issued to users by Baidu AI Cloud Official. The Access Key ID is used to identify the user, and the Secret Access Key is a key used to encrypt the signature string and the signature verification string on the server side, which shall be kept strictly confidential.

Format of the Signature String

bce-auth-v{version}/{accessKeyId}/{timestamp}/{expireTime}/{signedHeaders}/{signature}

Application Steps

For getting AK/SK, please see Get AK/SK.

Signature Generation Algorithm

Baidu AI Cloud adopts a unified API authentication verification mechanism. For details, please see Authentication Mechanism.

Common Header

Public Request Header Fields

The following information shall be contained in the HTTP header field of the request for the CDN API service:

Header（Header）	Description	Required or not
host	http host	Yes
Authorization	Including Access Key and request signature.	Yes
x-bce-date	The time of creating the request, and the fields expressing the date all utilize the YYYY-MM-DD format, e.g.2014-06-01 which means June 1, 2014. If the user uses the standard Date domain, the header can be left blank. When the two exist simultaneously, x-bce-date shall prevail.	No
x-bce-content-sha256	It represents the hexadecimal strings of SHA256 signature of the content part. The content refers to HTTP Request Payload Body, namely, the original data of the Content part before HTTP encode.	No
x-bce-request-id	Id used to track debug, a uuid character	No

Public Response Header Field

Header（Header）	Description
x-bce-request-id	The requestId of the corresponding request
Content-Type	application/json，charset=utf-8。 The phase I coding only supports utf-8, so charset is fixed.

Error Message Format

In addition to the HTTP status code, the error information of the BCE CDN API also contains the error information in JSON format in the HTTP body, and the content is as follows:

Parameter name	Type	Description
requestId	String	RequestId causing the error.
code	String	It means a specific error type.
message	String	Detailed description on the error.

E.g.:

{ 
    "code":"IllegalRequestUrl", 
    "message":"The requested url belongs to domain which is not under acceleration", 
    "requestId":" 81d0b05f-5ad4-1f22-8068-d5c9de60a1d7" 
}

General Error Code

In addition to the definition of the error format listed separately for each interface subsequently, the generic error code for BCE CDN API includes but not limited to the following forms:

HTTP Status Code	Code	Message	Description
400	InvalidArgument	Invalid Argument.	Invalid parameter
400	InvalidHTTPAuthHeader	The HTTP authorization header is invalid. Consult the service documentation for details.	The format of Authorization header is wrong.
400	InvalidHTTPRequest	There was an error in the body of your HTTP request.	The HTTP body format is wrong.。 E.g. inconformity with the designated Encoding, etc.
400	MalformedJSON	The JSON you provided was not well-formed.	The JSON format is invalid.
403	SignatureDoesNotMatch	The request signature we calculated does not match the signature you provided. Check your Secret Access Key and signing method. Consult the service documentation for details.	The signature attached in the Authorization header is inconsistent with the server authentication.
403	InvalidAccessKeyId	The Access Key ID you provided does not exist in our records.	The Access Key ID does not exist.
405	MethodNotAllowed	he specified method is not allowed against this resource.	Invalid requested method
500	InternalError	We encountered an internal error. Please try again.	Undefined system error

Province and ISP Format

Region	Mapping	Operator	Mapping
Beijing	beijing	Telecom	ct
Tianjian	tianjin	Unicom	cnc
Hebei	hebei	Mobile	cmnet
Inner Mongolia	nmg	Education Network	ce
Shanxi	shanxi	Dr. Peng	pbs
Shanghai	shanghai	Broadcasting and TV	oc
Anhui	anhui	21Vianet	sjhl
Jiangsu	jiangsu	Founder Broadband	fdbn
Zhejiang	zhejiang	Wasu	wasu
Shandong	shandong	Other	other
Fujian	fujian
Jiangxi	jiangxi
Guangdong	guangdong
Guangxi	guangxi
Hainan	hainan
Henan	henan
Hubei	hubei
Hunan	hunan
Heilongjiang	hlj
Jilin	jilin
Liaoning	liaoning
Shaanxi	shaanxi
Gansu	gansu
Ningxia	ningxia
Qinghai	qinghai
Xinjiang	xinjiang
Chongqing	chongqing
Sichuan	sichuan
Yunnan	yunnan
Guizhou	guizhou
Tibet	xizang
Overseas	oversea
Other	other

API Overview

Domain Name Operation Interface