General Description
API Version Number
| Parameter | Type | Parameter position | Description | Required or not |
|---|---|---|---|---|
| version | String | URL parameter | API version No., the current version is 2. | Yes |
Request Parameter
The request parameters include the 4 kinds below:
| Parameter Type | Description |
|---|---|
| URI | Generally used to indicate the operation entity, e.g. GET /v2/hosteye/loginmanage/overview |
| Query parameter | Request parameters carried in URL. |
| HEADER | Passed by the HTTP header, e.g. x-bce-date. |
| RequestBody | Request data body organized in JSON format. |
Return Value Description
There are two types of return values:
| Return Content | Description |
|---|---|
| HTTP STATUS CODE | E.g. 200,400,403,404, etc. |
| ResponseBody | Response data body organized in JSON format. |
Signature Authentication
This product API will authenticate every access request to ensure security for users. Access Key and request signature mechanism are adopted for security authentication. Access Key consists of an Access Key ID and a Secret Access Key, both of which are strings and are officially issued to users by Baidu AI Cloud. The Access Key ID is used to identify the user, and the Access Key Secret is a key used to encrypt the signature string and the signature verification string on the server side, which shall be kept strictly confidential.
Format of the Signature String
bce-auth-v{version}/{accessKeyId}/{timestamp}/{expireTime}/{signedHeaders}/{signature}Application Steps
For getting AK/SK, please see Get AK/SK.
Signature Generation Algorithm
For specific introductions to the signature generation algorithm, please see Authentication certification mechanism.
Idempotency
If a request timeout or internal server error occurs when the create interface is called, the user may try to resend the request. At this time, the user can avoid creating more resources than expected through the clientToken parameter, that is, to ensure the idempotence of the request.
Idempotent is based on clientToken, and clientToken is an ASCII string no longer than 64 bits and is usually placed in a query string, such as http://bss.bj.baidubce.com/open-api/v2/loginmanage/overview/getAttackSource&clientToken=be31b98c-5e41-4838-9830-9be700de5a20.
If the user calls the creation interface with the same clientToken value, the server will return the same request result. Therefore, when the user encounters an error and retries, he can provide the same clientToken value to ensure that only one resource is created. If the user provides a used clientToken, but other request parameters (including queryString and requestBody) are different or even URL path is different, the error code of IdempotentParameterMismatch will be returned.
The clientToken is valid for 24 hours, subject to the last time when the server receives the clientToken. That is, if the client continuously sends the same clientToken, the clientToken will be valid for a long time.
Time and Date
There are various methods to express date and time. For the sake of uniformity, unless it is a convention or a corresponding specification, wherever the date and time is required, UTC time shall be used, [ISO 8601](https://www.w3.org/TR/NOTE Datetime) shall be followed , and the following constraints shall be met:
- Fields expressing the date all utilize the YYYY-MM-DD format, e.g.2014-06-01 which means June 1, 2014.
- Fields expressing time all utilize the hh:mm:ss format, with the capital letter Z added at the end, which means UTC time. E.g. 23:00:10Z means UTC time: 23:00:10.
- When the date and time is combined, the capital letter T is added between the two items, e.g. 2014-06-01T23:00:10Z means UTC time: 23:00:10 on June 1, 2014.
Typesetting Agreement
| Typesetting format | Meaning |
|---|---|
| < > | Variable |
| [] | Optional |
| {} | Mandatory |
| \ | |
| Equal width font Courier New | Screen output |