# Overview
The appID management function maintains application authentication information, and can configure whether to enable signatures and IP whitelists. Custom configurations at the AppID level can be used by custom plug-ins. appID is used to associate routing rules in the routing management configuration. When the corresponding routing rules are triggered, the application will be authenticated.
# appID list
Menu location: Gateway Management > appID Management. Click the menu to enter the appID list page, as shown in the figure.
# Add appID
Click the Add button to pop up the new window, as shown in the figure.
appID: the unique identifier of a third-party application, the length cannot exceed 64 characters, required;
Application name: Third-party application name, the length cannot exceed 128 characters, required;
Whether to enable signature: the authentication method and key must be configured when starting;
Authentication method: Optional MD5 signature (verified using the gateway's built-in authentication method) | Custom authentication plug-in (using customized authentication logic). For more information, please see the introduction of the FizzGate integration platform; required when enabling signature;
Key: The key used by third-party applications. You can generate a random key through the Generate Random Key button. It is required when signing is enabled;
Whether to enable the IP whitelist: When enabled, you can configure the IP whitelist, and the gateway will filter the request based on the IP address of the source;
IP whitelist: The IP segment supports two formats: 1.2.3.100-120 and 1.2.3.*. Only the last segment can be represented by a range or an asterisk;
Custom configuration: AppID-level custom configuration is used by custom plug-ins, and all plug-ins can obtain this configuration information.
# Edit appID
Click the Edit button to pop up the editing window, as shown in the figure.
# Delete appID
Click the Delete button to pop up the deletion confirmation window, as shown in the figure.
Click the OK button to delete the appID. If the appID has an associated routing configuration, the corresponding associated routing configuration will also be deleted together.
# appID usage instructions
When appid has signature enabled, the caller needs to pass the following request header when calling the interface
- fizz-appid appid request header
- fizz-sign signature request header, passing the signature value generated based on the key
- fizz-ts timestamp request header, transmits the current timestamp
verification method:
- MD5 signature is a built-in authentication method. The signature generation method is: MD5(appid+_+timestamp+_+key) such as: MD5(10001_1605255335977_e4502ba3a71448bbbcecef22b305d2ba)
- Custom authentication plug-ins require the development of authentication plug-ins, and the signature and signature verification methods can be customized
Example:
fizz-appid: 10001
fizz-sign: e4502ba3a71448bbbcecef22b305d2ba
fizz-ts: 1605255335977
# Custom alternate request header
Supports custom configurable alternate signature headers. When the default request header has no value, the value of the alternate request header is taken. The alternate request header is mainly used to be compatible with the signature verification request header of historical systems.
Modify the application.yml configuration file of fizz-gateway-node and add the following configuration items:
custom:
header:
appid: app-id,gw-appid # Alternate request header of fizz-appid, multiple ones separated by commas. If the previous request header has no value, the gateway will take the next value in order.
sign: signature # Alternative request headers of fizz-sign, multiple ones separated by commas. If the previous request header has no value, the gateway will take the next value in order.
ts: timestamp # Alternative request headers of fizz-ts, multiple ones separated by commas. If the previous request header has no value, the gateway will take the next value in order.