// CloudBase official HTTP API client guide. This skill should be used when backends, scripts, or non-SDK clients must call CloudBase platform APIs over raw HTTP instead of using a platform SDK or MCP management tool.
CloudBase platform overview and routing guide. This skill should be used when users need high-level capability selection, platform concepts, console navigation, or cross-platform best practices before choosing a more specific implementation skill.
Use this skill when a browser/Web app (React, Vue, Angular, Next, Nuxt, static sites, SPAs, dashboards, AI chat UI) needs AI models via @cloudbase/js-sdk. Default routing for page/页面/Web/前端/frontend/网页/H5 AI — call directly from browser, do NOT propose a Node.js proxy. Covers generateText and streamText. Models via ai.createModel with groups cloudbase, hunyuan-exp, or custom-*. Model IDs (deepseek-v4-flash, deepseek-v3.2, hunyuan-2.0-instruct-20251111, glm-5, kimi-k2.6) go in the model field. MUST run two-step preflight before code — see body. Keywords: 页面, Web, 前端, React, Vue, Next, Nuxt, SPA, AI chat UI, generateText, streamText, createModel, hunyuan-exp, Token Credits, TokenHub, Hunyuan, DeepSeek, GLM, Kimi, MiniMax. NOT for Node.js backend (use ai-model-nodejs), Mini Program (use ai-model-wechat), or image generation (Node SDK only).
CloudBase Web Authentication Quick Guide for frontend integration after auth-tool has already been checked. Provides concise and practical Web authentication solutions with multiple login methods and complete user management.
Complete guide for CloudBase cloud storage using Web SDK (@cloudbase/js-sdk) - upload, download, temporary URLs, file management, and best practices.
Use CloudBase document database Web SDK to query, create, update, and delete data. Supports complex queries, pagination, aggregation, realtime, and geolocation queries.
Use when building frontend Web apps that talk to CloudBase Relational Database via @cloudbase/js-sdk – provides the canonical init pattern so you can then use Supabase-style queries from the browser.
| name | http-api-cloudbase |
| description | CloudBase official HTTP API client guide. This skill should be used when backends, scripts, or non-SDK clients must call CloudBase platform APIs over raw HTTP instead of using a platform SDK or MCP management tool. |
| version | 2.20.1 |
| alwaysApply | false |
If this environment only installed the current skill, start from the CloudBase main entry and use the published cloudbase/references/... paths for sibling skills.
https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/SKILL.mdhttps://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/references/http-api/SKILL.mdKeep local references/... paths for files that ship with the current skill directory. When this file points to a sibling skill such as auth-tool or web-development, use the standalone fallback URL shown next to that reference.
../auth-tool/SKILL.md (standalone fallback: https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/references/auth-tool/SKILL.md)../relational-database-tool/SKILL.md (standalone fallback: https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/references/relational-database-tool/SKILL.md)../cloud-functions/SKILL.md (standalone fallback: https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/references/cloud-functions/SKILL.md) or ../cloudrun-development/SKILL.md (standalone fallback: https://cnb.cool/tencent/cloud/cloudbase/cloudbase-skills/-/git/raw/main/skills/cloudbase/references/cloudrun-development/SKILL.md)Use this skill whenever you need to call CloudBase platform features via raw HTTP APIs, for example:
Do not use this skill for:
@cloudbase/js-sdk (use CloudBase Web skills)@cloudbase/node-sdk (use CloudBase Node skills)Clarify the scenario
env – CloudBase environment IDDetermine the base URL
Set up authentication
Authorization: Bearer <token> header to requests.Reference OpenAPI Swagger documentation
searchKnowledgeBase tool to get OpenAPI specificationsmode=openapi and specify the apiName:
mysqldb - 关系型数据库 RESTful API (MySQL/PostgreSQL)nosql - NoSQL RESTful API (文档型数据库)functions - Cloud Functions APIauth - Authentication APIcloudrun - CloudRun APIstorage - Storage APIai_model - AI 大模型接入 APIsearchKnowledgeBase({ mode: "openapi", apiName: "mysqldb" })CloudBase HTTP API is a set of interfaces for accessing CloudBase platform features via HTTP protocol, supporting database, user authentication, cloud functions, cloud hosting, cloud storage, AI, and more.
⚠️ IMPORTANT: Always use searchKnowledgeBase tool to get OpenAPI Swagger specifications
Before implementing any HTTP API calls, you should:
Use searchKnowledgeBase tool to get OpenAPI documentation:
searchKnowledgeBase({ mode: "openapi", apiName: "<api-name>" })
Available API names:
mysqldb - 关系型数据库 RESTful API (MySQL/PostgreSQL)nosql - NoSQL RESTful API (文档型数据库)functions - Cloud Functions APIauth - Authentication APIcloudrun - CloudRun APIstorage - Storage APIai_model - AI 大模型接入 APIParse and use the swagger documentation:
Never invent API endpoints or parameters - always base your implementation on the official swagger documentation.
Before starting, ensure you have:
CloudBase HTTP API requires authentication. Choose the appropriate method based on your use case:
Applicable environments: Client/Server
User permissions: Logged-in user permissions
How to get: Use searchKnowledgeBase({ mode: "openapi", apiName: "auth" }) to get the Authentication API specification
Applicable environments: Server
User permissions: Administrator permissions
⚠️ Warning: Tokens are critical credentials for identity authentication. Keep them secure. API Key must NOT be used in client-side code.
Applicable environments: Client/Server
User permissions: Anonymous user permissions
💡 Note: Can be exposed in browsers, used for requesting publicly accessible resources, effectively reducing MAU.
CloudBase HTTP API uses unified domain names for API calls. The domain varies based on the environment's region.
For environments in domestic regions like Shanghai (ap-shanghai), use:
https://{your-env}.api.tcloudbasegateway.com
Replace {your-env} with the actual environment ID. For example, if environment ID is cloud1-abc:
https://cloud1-abc.api.tcloudbasegateway.com
For environments in international regions like Singapore (ap-singapore), use:
https://{your-env}.api.intl.tcloudbasegateway.com
Replace {your-env} with the actual environment ID. For example, if environment ID is cloud1-abc:
https://cloud1-abc.api.intl.tcloudbasegateway.com
Add the token to the request header:
Authorization: Bearer <access_token/apikey/publishable_key>
:::warning Note
When making actual calls, replace the entire part including angle brackets (< >) with your obtained key. For example, if the obtained key is eymykey, fill it as:
Authorization: Bearer eymykey
:::
curl -X POST "https://your-env-id.api.tcloudbasegateway.com/v1/functions/YOUR_FUNCTION_NAME" \
-H "Authorization: Bearer <access_token/apikey/publishable_key>" \
-H "Content-Type: application/json" \
-d '{"name": "张三", "age": 25}'
For detailed API specifications, always download and reference the OpenAPI Swagger files mentioned above.
适用于 MySQL 和 PostgreSQL:两者均基于 PostgREST 风格暴露 REST API,端点格式和请求语义一致。
提供关系型数据库(MySQL / PostgreSQL)的 HTTP 操作接口。
Support three domain access patterns:
https://{envId}.api.tcloudbasegateway.com/v1/rdb/rest/{table}https://{envId}.api.tcloudbasegateway.com/v1/rdb/rest/{schema}/{table}https://{envId}.api.tcloudbasegateway.com/v1/rdb/rest/{instance}/{schema}/{table}Where:
envId is the environment IDinstance is the database instance identifierschema is the database nametable is the table nameIf using the system database, recommend pattern 1.
| Header | Parameter | Description | Example |
|---|---|---|---|
| Accept | application/json, application/vnd.pgrst.object+json | Control data return format | Accept: application/json |
| Content-Type | application/json, application/vnd.pgrst.object+json | Request content type | Content-Type: application/json |
| Prefer | Operation-dependent feature values | - return=representation Write operation, return data body and headers- return=minimal Write operation, return headers only (default)- count=exact Read operation, specify count- resolution=merge-duplicates Upsert operation, merge conflicts- resolution=ignore-duplicates Upsert operation, ignore conflicts | Prefer: return=representation |
| Authorization | Bearer <token> | Authentication token | Authorization: Bearer <access_token> |
GET /v1/rdb/rest/{table}
Query Parameters:
select: Field selection, supports * or field list, supports join queries like class_id(grade,class_number)limit: Limit return countoffset: Offset for paginationorder: Sort field, format field.asc or field.descExample:
# Before URL encoding
curl -X GET 'https://your-env.api.tcloudbasegateway.com/v1/rdb/rest/course?select=name,position&name=like.%张三%&title=eq.文章标题' \
-H "Authorization: Bearer <access_token>"
# After URL encoding
curl -X GET 'https://your-env.api.tcloudbasegateway.com/v1/rdb/rest/course?select=name,position&name=like.%%E5%BC%A0%E4%B8%89%&title=eq.%E6%96%87%E7%AB%A0%E6%A0%87%E9%A2%98' \
-H "Authorization: Bearer <access_token>"
Response Headers:
Content-Range: Data range, e.g., 0-9/100 (0=start, 9=end, 100=total)POST /v1/rdb/rest/{table}
Request Body: JSON object or array of objects
💡 Note about
_openid: When a user is logged in (using AccessToken authentication), the_openidfield is automatically populated by the server with the current user's identity. You do NOT need to manually set this field in INSERT operations - the server will fill it automatically based on the authenticated user's session.
Example:
curl -X POST 'https://your-env.api.tcloudbasegateway.com/v1/rdb/rest/course' \
-H "Authorization: Bearer <access_token>" \
-H "Content-Type: application/json" \
-H "Prefer: return=representation" \
-d '{
"name": "数学",
"position": 1
}'
PATCH /v1/rdb/rest/{table}
Request Body: JSON object with fields to update
Example:
curl -X PATCH 'https://your-env.api.tcloudbasegateway.com/v1/rdb/rest/course?id=eq.1' \
-H "Authorization: Bearer <access_token>" \
-H "Content-Type: application/json" \
-H "Prefer: return=representation" \
-d '{
"name": "高等数学",
"position": 2
}'
⚠️ Important: UPDATE requires a WHERE clause. Use query parameters like
?id=eq.1to specify conditions.
DELETE /v1/rdb/rest/{table}
Example:
curl -X DELETE 'https://your-env.api.tcloudbasegateway.com/v1/rdb/rest/course?id=eq.1' \
-H "Authorization: Bearer <access_token>"
⚠️ Important: DELETE requires a WHERE clause. Use query parameters to specify conditions.
| Error Code | HTTP Status | Description |
|---|---|---|
| INVALID_PARAM | 400 | Invalid request parameters |
| INVALID_REQUEST | 400 | Invalid request content: missing permission fields, SQL execution errors, etc. |
| INVALID_REQUEST | 406 | Does not meet single record return constraint |
| PERMISSION_DENIED | 401, 403 | Authentication failed: 401 for identity authentication failure, 403 for authorization failure |
| RESOURCE_NOT_FOUND | 404 | Database instance or table not found |
| SYS_ERR | 500 | Internal system error |
| OPERATION_FAILED | 503 | Failed to establish database connection |
| RESOURCE_UNAVAILABLE | 503 | Database unavailable due to certain reasons |
All POST, PATCH, DELETE operations: Request header with Prefer: return=representation means there is a response body, without it means only response headers.
POST, PATCH, DELETE response bodies are usually JSON array type []. If request header specifies Accept: application/vnd.pgrst.object+json, it will return JSON object type {}.
If Accept: application/vnd.pgrst.object+json is specified but data quantity is greater than 1, an error will be returned.
When making requests, please perform URL encoding. For example:
Original request:
curl -i -X GET 'https://{{host}}/v1/rdb/rest/course?select=name,position&name=like.%张三%&title=eq.文章标题'
Encoded request:
curl -i -X GET 'https://{{host}}/v1/rdb/rest/course?select=name,position&name=like.%%E5%BC%A0%E4%B8%89%&title=eq.%E6%96%87%E7%AB%A0%E6%A0%87%E9%A2%98'
NoSQL RESTful API 提供文档型数据库(NoSQL)的 HTTP 操作接口,支持集合管理、文档 CRUD、聚合查询、事务操作和数据库命令。
https://{envId}.api.tcloudbasegateway.com/v1/database/instances/{instance}/databases/{database}/
| 参数 | 说明 |
|---|---|
envId | 环境 ID |
instance | 数据库实例 ID,默认实例使用 (default) |
database | 数据库名称,默认数据库使用 (default) |
示例:
/v1/database/instances/(default)/databases/(default)//v1/database/instances/test_instance/databases/(default)/ObjectId、Date、Int、Long、Decimal128、Binary、RegExp| 错误码 | HTTP 状态码 | 说明 |
|---|---|---|
INVALID_PARAM | 400 | 参数错误 |
DATABASE_PERMISSION_DENIED | 401 | 权限不足 |
DATABASE_INVALID_OPERRATOR | 403 | 不支持的操作 |
DATABASE_COLLECTION_NOT_EXIST | 404 | 集合不存在 |
DOCUMENT_NOT_FOUND | 404 | 文档不存在 |
DATABASE_COLLECTION_ALREADY_EXIST | 409 | 集合已存在 |
DATABASE_DUPLICATE_WRITE | 409 | 唯一索引冲突 |
EXCEED_REQUEST_LIMIT | 422 | 请求次数超限 |
EXCEED_CONCURRENT_REQUEST_LIMIT | 422 | 并发请求超限 |
DATABASE_REQUEST_FAILED | 500 | 数据库请求失败 |
SYS_ERR | 500 | 内部错误 |
DATABASE_TRANSACTION_CONFLICT | 503 | 事务冲突 |
DATABASE_TRANSACTION_FAIL | 503 | 事务执行失败 |
DATABASE_TIMEOUT | 504 | 数据库操作超时 |
详细端点使用和请求示例,请参考官方文档:https://docs.cloudbase.net/http-api/nosql/nosql-restful-api
统一的大模型接入 API,支持通过 HTTP 调用已配置的 AI 大模型(支持 SSE 流式响应)。
| 方式 | 说明 |
|---|---|
Authorization: Bearer <token> | AccessToken 认证(推荐) |
| TC3-HMAC-SHA256 签名 | 腾讯云 API v3 签名方式 |
Authorization: <apikey> | APIKey 认证 |
AccessToken 获取方式:参考 Auth OpenAPI (
searchKnowledgeBase({ mode: "openapi", apiName: "auth" }))
| 错误码 | 说明 |
|---|---|
AI_MODEL_CONFIG_MISSING | 缺少模型 API Key 或配置 |
AI_MODEL_PARAM_INVALID | 输入参数无效 |
AI_MODEL_DISABLED | 模型已禁用,请在控制台检查或等待约 2 分钟 |
AI_MODEL_NOT_SUPPORTED | 请求模型不支持或未启用 |
AI_MODEL_PARAM_REQUIRED | 缺少必需参数 model |
AI_MODEL_NOT_FOUND | 指定的模型组不存在 |
EXCEED_CONCURRENT_REQUEST_LIMIT | 并发请求超限,请稍后重试或申请更高配额 |
EXCEED_TOKEN_QUOTA_LIMIT | 模型 Token 配额超限,请购买资源或调整模型组 |
详细端点和请求格式,请参考官方文档:https://docs.cloudbase.net/http-api/ai-model/ai-%E5%A4%A7%E6%A8%A1%E5%9E%8B%E6%8E%A5%E5%85%A5
以及 OpenAPI 规范:https://docs.cloudbase.net/openapi/ai_model.v1.openapi.yaml
CloudBase platform provides an online debugging tool where you can test API interfaces without writing code:
⚠️ Always use searchKnowledgeBase tool to get OpenAPI Swagger specifications:
Use searchKnowledgeBase({ mode: "openapi", apiName: "<api-name>" }) with these API names:
auth - Authentication APImysqldb - 关系型数据库 RESTful API (MySQL/PostgreSQL)nosql - NoSQL RESTful API (文档型数据库)functions - Cloud Functions APIcloudrun - CloudRun APIstorage - Storage APIai_model - AI 大模型接入 APIHow to use the OpenAPI documentation:
searchKnowledgeBase tool with the appropriate apiName/v1/rdb/rest/{table})env="your-env-id"
token="your-access-token-or-api-key"
base="https://${env}.api.tcloudbasegateway.com"
curl -X GET "${base}/v1/rdb/rest/table_name" \
-H "Authorization: Bearer ${token}" \
-H "Content-Type: application/json"
Always check HTTP status codes and error response format:
{
"code": "ERROR_CODE",
"message": "Error message details",
"requestId": "request-unique-id"
}
🌟 IMPORTANT: Default Authentication Method
When no specific signup/signin method is specified by the user, ALWAYS use Phone SMS Verification as the default and recommended method. It is:
- ✅ The most user-friendly for Chinese users
- ✅ No password to remember
- ✅ Works for both new users (registration) and existing users (login)
- ✅ Most secure with OTP verification
- ✅ Supported by default in CloudBase
This is the preferred authentication flow for native mobile apps (iOS/Android/Flutter/React Native):
┌─────────────────────────────────────────────────────────────────────────┐
│ Step 1: Send Verification Code │
│ POST /auth/v1/verification │
│ Body: { "phone_number": "+86 13800138000", "target": "ANY" } │
│ ⚠️ IMPORTANT: phone_number MUST include "+86 " prefix WITH SPACE │
│ Response: { "verification_id": "xxx", "expires_in": 600 } │
│ 📝 SAVE verification_id for next step! │
└─────────────────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────────────────┐
│ Step 2: Verify Code │
│ POST /auth/v1/verification/verify │
│ Body: { "verification_id": "<saved_id>", "verification_code": "123456" }│
│ Response: { "verification_token": "xxx" } │
│ 📝 SAVE verification_token for login! │
└─────────────────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────────────────┐
│ Step 3: Sign In with Token │
│ POST /auth/v1/signin │
│ Body: { "verification_token": "<saved_token>" } │
│ Response: { "access_token": "xxx", "refresh_token": "xxx" } │
└─────────────────────────────────────────────────────────────────────────┘
⚠️ Critical Notes:
"+86 13800138000" with space after country codeverification_id: Returned from Step 1, required for Step 2verification_token: Returned from Step 2, required for Step 3"+86 13800138000"verification_id from send step, use it in verify step