Help Center/ ROMA Connect/ Developer Guide/ Developer Guide for Service Integration/ Developing API Calling Authentication (IAM)/ Token Authentication
Updated on 2025-07-21 GMT+08:00
View PDF

Token Authentication

Scenarios

To use token authentication, you need to obtain a token and add X-Auth-Token to the request header when making API calls.

You can use either of the following authentication modes to call APIs.

  • Token authentication: Requests are authenticated using a token.
  • AK/SK authentication: Requests are encrypted using an AK/SK.

Calling an API Through Token Authentication

  1. Obtain a token.

    For details, see Obtaining a User Token in the Identity and Access Management (IAM) API Reference.

    The token is the value of X-Subject-Token in the response.

    The following is an example request:

    POST https://{iam_endpoint}/v3/auth/tokens
Content-Type: application/json

{
    "auth": {
        "identity": {
            "methods": [
                "password"
            ],
            "password": {
                "user": {
                    "name": "username",
                    "password": "********",
                    "domain": {
                        "name": ""
                    }
                }
            }
        },
        "scope": {
            "project": {
                "id": "xxxxxxxx"
            }
        }
    }
}

    In the preceding command:

    • For details about {iam_endpoint}, see "Regions and Endpoints".
    • username indicates the username.
    • indicates the account name of the user.
    • ******** indicates the login password of the user.
    • xxxxxxxx indicates the project ID.

      On the management console, click the username in the upper right corner, choose My Credentials from the drop-down list, and then view the project ID.

  2. To call a service API, add X-Auth-Token to the request header. The value of X-Auth-Token is that of the token obtained in 1.