General Description

CSN

  • API Reference
    • API function release records
    • Appendix
    • Bandwidth Package Related
      • Bandwidth package price inquiry
      • Bandwidth upgrade-downgrade for the bandwidth package
      • Bind a bandwidth package to a Cloud Smart Network
      • Create bandwidth package
      • Delete bandwidth package
      • Query bandwidth package list
      • Query the specified bandwidth package details
      • Unbind a bandwidth package from a Cloud Smart Network
      • Update bandwidth package
    • Cloud Smart Network Related
      • Create a Cloud Smart Network
      • Delete a Cloud Smart Network
      • Network instances loaded by the Cloud Smart Network
      • Network instances unloaded by the Cloud Smart Network
      • Query Cloud Smart Network details
      • Query Cloud Smart Network instance list
      • Query the list of Cloud Smart Network
      • Update a Cloud Smart Network
    • Common Headers and Error Responses
    • General Description
    • Ingress Management Related Interfaces
      • Add a routing entry
      • Create affiliation
      • Create learning relationship
      • Delete a learning relationship
      • Delete a routing entry
      • Delete an association relationship
      • Query association relationships
      • Query learning relationships
      • Query route table list
      • Query routing entries
    • Interface Overview
    • Region Bandwidth Related Interfaces
      • Create cross-region bandwidth
      • Delete cross-region bandwidth
      • Query cross-region bandwidth
      • Query the cross-region bandwidth of the specified Cloud Smart Network
      • Update cross-region bandwidth
    • Service domain
    • TGW Related Interfaces
      • Query routing entries of a TGW
      • Query TGW list
      • Update TGW information
  • FAQs
    • Consultation
  • Function Release Records
  • Operation guide
    • Cross-Account Authorization Management
      • Cancel Authorized Network Instance
      • Create Authorized Network Instance
      • Delete Authorized Network Instance
      • View Authorized Network Instance
    • Cross-Region Bandwidth Package Management
    • CSN Instance
      • Create CSN Instance
      • Delete CSN Instance
      • Modify CSN Instance
    • Identity and access management
    • Monitor and Operations
      • CSN Instance Diagnosis
    • Network instance
      • Add Cross-Account Network Instance
      • Add Local Account Network Instance
      • Adjust Network Instance Bandwidth
      • Uninstall Network Instance
    • Region Bandwidth Management
      • Adjust Region Bandwidth
      • Create cross-region bandwidth
      • Delete cross-region bandwidth
    • Route management
      • Association Relationship
        • Create affiliation
        • Delete affiliation
      • Custom route tables
        • Create custom route table
        • Delete custom route table
        • View Custom Route Table
      • Learning Relationship
        • Add Custom Route Entry
        • Create learning relationship
        • Delete Custom Route Entry
        • Delete learning relationship
        • Publish and Revoke Network Instance Route
        • View Route Entry
    • Tag Management
  • Product Description
    • Application scenarios
    • Introduction
    • Usage restrictions
  • Product pricing
  • SDK
    • GO-SDK
      • Bandwidth package
      • CSN Instance
      • Exception handling
      • Initialization
      • Install
      • Overview
      • Region Bandwidth
      • Route management
      • TGW
    • Java-SDK
      • CSN
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
    • Python-SDK
      • Bandwidth package
      • CSN Instance
      • Initialization
      • Region Bandwidth
      • Route management
      • TGW
  • Service Level Agreement (SLA)
    • Cloud Smart Network Service Level Agreement SLA
  • Typical Practices
    • CSN supports VPC custom route tables for secure traffic access
    • Multi-IDC Disaster Recovery via Cloud Smart Network
    • Multi-IDC Interconnection via Cloud Smart Network
    • Private Network VPC Interconnection with Edge Network
All documents
menu
No results found, please re-enter

CSN

  • API Reference
    • API function release records
    • Appendix
    • Bandwidth Package Related
      • Bandwidth package price inquiry
      • Bandwidth upgrade-downgrade for the bandwidth package
      • Bind a bandwidth package to a Cloud Smart Network
      • Create bandwidth package
      • Delete bandwidth package
      • Query bandwidth package list
      • Query the specified bandwidth package details
      • Unbind a bandwidth package from a Cloud Smart Network
      • Update bandwidth package
    • Cloud Smart Network Related
      • Create a Cloud Smart Network
      • Delete a Cloud Smart Network
      • Network instances loaded by the Cloud Smart Network
      • Network instances unloaded by the Cloud Smart Network
      • Query Cloud Smart Network details
      • Query Cloud Smart Network instance list
      • Query the list of Cloud Smart Network
      • Update a Cloud Smart Network
    • Common Headers and Error Responses
    • General Description
    • Ingress Management Related Interfaces
      • Add a routing entry
      • Create affiliation
      • Create learning relationship
      • Delete a learning relationship
      • Delete a routing entry
      • Delete an association relationship
      • Query association relationships
      • Query learning relationships
      • Query route table list
      • Query routing entries
    • Interface Overview
    • Region Bandwidth Related Interfaces
      • Create cross-region bandwidth
      • Delete cross-region bandwidth
      • Query cross-region bandwidth
      • Query the cross-region bandwidth of the specified Cloud Smart Network
      • Update cross-region bandwidth
    • Service domain
    • TGW Related Interfaces
      • Query routing entries of a TGW
      • Query TGW list
      • Update TGW information
  • FAQs
    • Consultation
  • Function Release Records
  • Operation guide
    • Cross-Account Authorization Management
      • Cancel Authorized Network Instance
      • Create Authorized Network Instance
      • Delete Authorized Network Instance
      • View Authorized Network Instance
    • Cross-Region Bandwidth Package Management
    • CSN Instance
      • Create CSN Instance
      • Delete CSN Instance
      • Modify CSN Instance
    • Identity and access management
    • Monitor and Operations
      • CSN Instance Diagnosis
    • Network instance
      • Add Cross-Account Network Instance
      • Add Local Account Network Instance
      • Adjust Network Instance Bandwidth
      • Uninstall Network Instance
    • Region Bandwidth Management
      • Adjust Region Bandwidth
      • Create cross-region bandwidth
      • Delete cross-region bandwidth
    • Route management
      • Association Relationship
        • Create affiliation
        • Delete affiliation
      • Custom route tables
        • Create custom route table
        • Delete custom route table
        • View Custom Route Table
      • Learning Relationship
        • Add Custom Route Entry
        • Create learning relationship
        • Delete Custom Route Entry
        • Delete learning relationship
        • Publish and Revoke Network Instance Route
        • View Route Entry
    • Tag Management
  • Product Description
    • Application scenarios
    • Introduction
    • Usage restrictions
  • Product pricing
  • SDK
    • GO-SDK
      • Bandwidth package
      • CSN Instance
      • Exception handling
      • Initialization
      • Install
      • Overview
      • Region Bandwidth
      • Route management
      • TGW
    • Java-SDK
      • CSN
      • Exception handling
      • Initialization
      • Install the SDK Package
      • Overview
      • Version history
    • Python-SDK
      • Bandwidth package
      • CSN Instance
      • Initialization
      • Region Bandwidth
      • Route management
      • TGW
  • Service Level Agreement (SLA)
    • Cloud Smart Network Service Level Agreement SLA
  • Typical Practices
    • CSN supports VPC custom route tables for secure traffic access
    • Multi-IDC Disaster Recovery via Cloud Smart Network
    • Multi-IDC Interconnection via Cloud Smart Network
    • Private Network VPC Interconnection with Edge Network
  • Document center
  • arrow
  • CSN
  • arrow
  • API Reference
  • arrow
  • General Description
Table of contents on this page
  • Authentication mechanism
  • Communication protocol
  • Request structure description
  • Response structure description
  • Common request header and common response header
  • API version number
  • Idempotence

General Description

Updated at:2025-11-11

Authentication mechanism

The Access Key and request signature mechanism are uniformly adopted for all API security authentication. Access Key consists of an Access Key ID and a Secret Access Key, both of which are strings. For each HTTP request, use the algorithm described below to generate a authentication string. Submit the certification string in the Authorization header. The server verifies the correctness of the authentication string based on the generation algorithm. The certification string format is bce-auth-v{version}/{accessKeyId}/{timestamp}/{expirationPeriodInSeconds}/{signedHeaders}/{signature}.

  • The version is a positive integer, currently set to 1.
  • The timestamp refers to the UTC time when the signature is created.
  • The expirationPeriodInSeconds specifies the duration during which the signature remains valid.
  • SignedHeaders includes the list of headers involved in the signature algorithm. The headers are separated by semicolons (e.g., host;x-bce-date) and arranged in lexicographical order. (This API signature involves only the host and x-bce-date headers.)
  • The signature is a 256-bit signature represented as a 64-character lowercase hexadecimal digest.

For detailed information on the authentication mechanism, please refer to Authentication.

Communication protocol

Both HTTP and HTTPS methods are supported. For better data security, it is recommended to use HTTPS.

Request structure description

Request parameters include the following 4 types:

Parameter type Description
URI Generally, it is used to specify the operation entity, e.g., GET /v1/csn
Query Request parameters carried in the URL
HEADER It is passed in through HTTP header, such as: x-bce-date
RequestBody Request data body organized in JSON format

Response structure description

Response values are in two forms:

Response content Note
HTTP STATUS CODE Such as 200, 400, 403, 404, etc.
ResponseBody Response data body organized in JSON format.

Common request header and common response header

Common request headers

Common header Description
Authorization Include both the Access Key and the request signature.
Content-Type application/json; charset=utf-8。
x-bce-date A string representing the date that complies with API specifications.

Standard HTTP protocol header fields are not included in this list. Key header fields are required for all network diagnosis APIs. For POST, PUT, DELETE, and similar requests, data should be placed in the request body.

Common response headers

Common header Description
Content-Type application/json; charset=utf-8。
x-bce-request-id These headers are generated by the VPC backend and automatically included in the response header.

API version number

Parameters Types Parameter location Description Required or not
version String URL parameter The current API version is v1. Yes

Idempotence

When invoking the creation API, if a timeout or an internal server error occurs, the user can retry the request. In such cases, the clientToken parameter ensures no extra resources are created, thereby maintaining the request's idempotence.

Idempotence is based on clientToken, which is an ASCII string with a length not exceeding 64 bits, usually placed in the query string, such as http://bcc.bj.baidubce.com/v1/instance?clientToken=be31b98c-5e41-4838-9830-9be700de5a20.

If the same clientToken value is used when calling the creation API, the server will return the same result. If a retry is necessary due to an error, supplying the same clientToken ensures that only one resource is created. If the clientToken has been used previously but other parameters like queryString, requestBody, or even the URL Path differ, an error code of IdempotentParameterMismatch will be issued.

The clientToken remains valid for 24 hours from the last time it was received by the server. In cases where the same clientToken is continuously sent, it will stay valid indefinitely within that time window.

Previous
Common Headers and Error Responses
Next
Ingress Management Related Interfaces