apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
cloudstack/docs/en-US/enabling-api-call-expiration.xml
David Nalley e874fdb24c adding docs
2012-07-16 15:43:58 -04:00

17 lines
1.4 KiB
XML
Raw Blame History

<section id="enabling-api-call-expiration">
<title>Enabling API Call Expiration</title>
<para>
You can set an expiry timestamp on API calls to prevent replay attacks over non-secure channels, such as HTTP. The server tracks the expiry timestamp you have specified and rejects all the subsequent API requests that come in after this validity period.
</para>
<para>To enable this feature, add the following parameters to the API request:</para>
<itemizedlist>
<listitem><para>signatureVersion=3: If the signatureVersion parameter is missing or is not equal to 3, the expires parameter is ignored in the API request.</para></listitem>
<listitem><para>expires=YYYY-MM-DDThh:mm:ssZ: Specifies the date and time at which the signature included in the request is expired. The timestamp is expressed in the YYYY-MM-DDThh:mm:ssZ format, as specified in the ISO 8601 standard.</para></listitem>
</itemizedlist>
<para>For example:</para>
<programlisting>expires=2011-10-10T12:00:00+0530</programlisting>
<para>A sample API request with expiration is given below:</para>
<programlisting>http://&lt;IPAddress&gt;:8080/client/api?command=listZones&amp;signatureVersion=3&amp;expires=2011-10-10T12:00:00+0530&amp;apiKey=miVr6X7u6bN_sdahOBpjNejPgEsT35eXq-jB8CG20YI3yaxXcgpyuaIRmFI_EJTVwZ0nUkkJbPmY3y2bciKwFQ&amp;signature=Lxx1DM40AjcXU%2FcaiK8RAP0O1hU%3D</programlisting>
</section>
Reference in New Issue View Git Blame Copy Permalink