Help Center/ API Request Signing Guide/ Developer Guide/ FAQs/ How Do I Use a Temporary AK/SK to Sign Requests?

Updated on 2023-01-17 GMT+08:00

View PDF

How Do I Use a Temporary AK/SK to Sign Requests?

Integrate the signing SDK into your application and add the following parameter and value to the message header:

X-Security-Token:{securityToken}

Then, use a temporary AK/SK to sign the request. The signing SDK can be the SDK used for AK/SK-based authentication.

Create an API, set the authentication mode to IAM, and publish the API.

Obtain a temporary AK/SK and {securityToken}. For details, see the Identity and Access Management API Reference.

A response similar to the following is displayed:

{
    "credential": {
        "access": "P0HEQUQ4XBWXY5WD69X0",
        "expires_at": "2022-10-17T18:51:25.231000Z",
        "secret": "3WJuF1oMFSoSJSWKAWrhUVOVWvtAnATAbS61hDVs",
        "securitytoken": "XXXXXX......"
    }
}

Construct a request with signature parameters.

...
request.setKey("P0HEQUQ4XBWXY5WD69X0");
request.setSecret("3WJuF1oMFSoSJSWKAWrhUVOVWvtAnATAbS61hDVs");
request.setMethod("GET");
request.setUrl("url");
request.addHeader("X-Security-Token", "XXXXXX......");
...

Parent topic: FAQs

Previous topic: Are Request Header Parameters Required for Signing Requests?

Next topic: Common Errors Related to IAM Authentication Information