The flow of a typical request

These steps that follow detail the flow of a request and how it is handled for an API call.

Where a "Requirement" is listed, this is an activity that you must perform in the call itself, or prior to the call, when configuring the applicable header.

Important: Although there are multiple operations (“actions”) available, only one action is supported per request.
  1. The X-Akamai-ACS-Action ("action") header is located.
    • If this header is missing: The request is not an API request. It may, however, still be a valid request that can be served.
    • If this header is present: The request is handled by the API, as either a valid operation or an error.
  2. The action header is parsed using standard “query string” parsing rules.
    Note: Query string syntax already supports escaping arbitrary characters. Use care to escape at least spaces (" "), equal signs ("="), plus signs ("+"), and ampersands ("&") in any values you generate.
  3. The version is verified. The header must contain a version action header field, and its value must be set to 1, otherwise the request will fail.
    • Requirement: Any legacy headers are denied. Unexpected X-Akamai-* headers may result in the request being denied to avoid potentially incorrect or ambiguous behavior from other APIs that may be, or may have been supported by the recipient servers. Below is an example of the appropriate syntax, using the upload action:
      PUT /[CP Code]/[path]/[file.ext] HTTP/1.1
      X-Akamai-ACS-Action: version=1&action=upload&md5=0123456789abcdef01234 56789abcdef&mtime=1260000000
      [Signature Header 1]
      [Signature Header 2]
      [PUT body]
  4. The request URL is checked for validity according to normal NetStorage rules.
    • Requirement: This URL should begin with the same [CP Code] root that you use with other NetStorage protocols to target the associated storage group. The URL will name the file or directory that will be queried or modified in this request.
  5. The header field action is reviewed to determine the appropriate operation.
    • Requirement: A supported “Action” must be defined in the context of the X-Akamai-ACS-Action header. This includes the various actions discussed throughout this documentation. (For example, upload, stat, dir, and list are supported actions.) Only the actions discussed in this documentation are valid; anything else will return an error.
  6. The validity of the Signature Header Authentication in the X-Akamai-ACS-Auth-Data/X-Akamai-ACS-Auth-Sign headers is verified.
  7. The defined action is processed.