Help Center> Graph Engine Service> API Reference> Calling APIs> Authentication> Authentication of Service Plane APIs
Authentication of Service Plane APIs
Calling a service plane API of GES can only be authenticated using tokens.
Token-based Authentication
A token specifies temporary permissions in a computer system. During API authentication using a token, the token is added to requests to get permissions for calling the API.
When calling the API to obtain a user token, you must set auth.scope in the request body to project.
{
"auth": {
"identity": {
"methods": [
"password"
],
"password": {
"user": {
"name": "username",
"password": "********",
"domain": {
"name": "domainname"
}
}
}
},
"scope": {
"project": {
"name": "xxxxxxxx"
}
}
}
} 
- The validity period of a token is 24 hours. When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token.
- To obtain the token, the GES scope must be project (cannot be domain).
After a token is obtained, the X-Auth-Token header field must be added to requests to specify the token when calling other APIs. For example, if the token is ABCDEFJ...., X-Auth-Token: ABCDEFJ.... can be added to a request as follows:
GET https://iam.cn-north-1.myhuaweicloud.com/v3/auth/projects Content-Type: application/json X-Auth-Token: ABCDEFJ....
Parent topic: Authentication
Last Article: Authentication of Management Plane APIs
Next Article: Response
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.