Help Center/ IoT Device Access/ API Reference/ API Reference on the Application Side/ API/ Device Authentication Template Management/ Query Details About an Authentication Template
Updated on 2026-01-29 GMT+08:00
View PDF
Share

Query Details About an Authentication Template

Function

The API is used by an application to query details about a device authentication template with a specified ID on the IoT platform.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
  • If you are using identity policy-based authorization, the following identity policy-based permissions are required.

    Action

    Access Level

    Resource Type (*: required)

    Condition Key

    Alias

    Dependencies

    iotda:deviceauthenticationtemplate:query

    Read

    instance *

    g:EnterpriseProjectId

    -

    -

URI

GET /v5/iot/{project_id}/device-authentication-templates/{template_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Parameter description: project ID. For details, see Obtaining a Project ID.

template_id

Yes

String

Authentication template ID.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

No

String

Parameter description: user token. Obtain the token by calling the IAM API for obtaining a user token through password authentication. In the returned response header, X-Subject-Token is the desired user token. For details about how to obtain the token, see Token Authentication.

Instance-Id

No

String

Parameter description: instance ID. This parameter is required only when the API is called from the management plane in the physical multi-tenant scenario. Log in to the IoTDA console and choose Overview in the navigation pane to check the instance ID.

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

template_id

String

Authentication template ID.

template_name

String

Authentication template name.

create_time

String

Time when an authentication template is created. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z.

update_time

String

Time when the authentication template was last modified. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z.

description

String

Description of an authentication template.

status

String

Parameter description: authentication template status.

  • ACTIVE: The authentication template is enabled.

  • INACTIVE: The authentication template is disabled.

template_body

AuthenticationTemplateBody object

Parameter description: details of a pre-provisioning template, in JSON format.
Table 4 AuthenticationTemplateBody

Parameter

Type

Description

parameters

Object

Parameter description: authentication template parameters. The clientId, username, and device certificate attributes in the MQTT connection parameters are preset on the platform.

  • iotda::mqtt::client_id: client ID in the MQTT connection parameter triplet

  • iotda::mqtt::username: username in the MQTT connection parameter triplet

  • iotda::certificate::country: country/region, C

  • iotda::certificate::organization: organization, O

  • iotda::certificate::organizational_unit: organizational unit, OU

  • iotda::certificate::distinguished_name_qualifier: distinguished name qualifier, dnQualifier

  • iotda::certificate::state_name: province and city, ST

  • iotda::certificate::common_name: common name, CN

  • iotda::certificate::serial_number: serial number, serialNumber

  • iotda::device::secret: original secret of a device

resources

AuthenticationTemplateResource object

Structure of device resource details in the authentication template.
Table 5 AuthenticationTemplateResource

Parameter

Type

Description

device_id

Object

Device ID. The JSON object can obtain the device ID from parameters only by using the function under FunctionDefinition.

timestamp

TimestampResource object

Verification of the device timestamp is conducted if the value is not empty. Recommended: Enable verification if the device connection parameters (clientId and username) include the timestamp. Verification process: The platform compares the timestamp carried by the device with the platform system time. If the timestamp plus 1 hour is less than the platform system time, the verification fails. To disable the verification, set value to {}.

password

Object

The MQTT authentication password is required for password authentication mode, not for certificate authentication mode. To generate the password from the parameters, use the FunctionDefinition function. The platform verifies that the parsed function result matches the MQTT connection password for successful authentication. The function must contain the device original secret parameter ${iotda::device::secret} and can be used only in the hash function.
Table 6 TimestampResource

Parameter

Type

Description

type

String

UNIX: Unix timestamp, which is a long integer at the second level. FORMAT: time format specified in the format field.

pattern

String

Date and time format.

value

Object

Timestamp of the device connection. You can use the FunctionDefinition function to generate the timestamp. To disable timestamp verification, leave this field empty ({}).

Example Requests

Queries details about an authentication template with a specified ID.

GET https://{endpoint}/v5/iot/{project_id}/device-authentication-templates/{template_id}

Example Responses

Status code: 200

OK

{
  "template_id" : "5c90fa7d3c4e4405e8525079",
  "template_name" : "myTemplate",
  "description" : "myTemplate",
  "status" : "ACTIVE",
  "template_body" : {
    "parameters" : {
      "iotda::mqtt::client_id" : {
        "type" : "String"
      },
      "iotda::mqtt::username" : {
        "type" : "String"
      },
      "iotda::device::secret" : {
        "type" : "String"
      }
    },
    "resources" : {
      "device_id" : {
        "Fn::SplitSelect" : [ "${iotda::mqtt::username}", "&", 0 ]
      },
      "timestamp" : {
        "type" : "UNIX",
        "value" : {
          "Fn::MathDiv" : [ {
            "Fn::ParseLong" : {
              "Fn::SplitSelect" : [ {
                "Fn::SplitSelect" : [ "${iotda::mqtt::client_id}", "|", 2 ]
              }, "=", 1 ]
            }
          }, 1000 ]
        }
      },
      "password" : {
        "Fn::HmacSHA256" : [ {
          "Fn::Sub" : [ "clientId${clientId}deviceName${deviceName}productKey${productKey}timestamp${timestamp}", {
            "clientId" : {
              "Fn::SplitSelect" : [ "${iotda::mqtt::client_id}", "|", 0 ]
            },
            "deviceName" : {
              "Fn::SplitSelect" : [ "${iotda::mqtt::username}", "&", 0 ]
            },
            "productKey" : {
              "Fn::SplitSelect" : [ "${iotda::mqtt::username}", "&", 1 ]
            },
            "timestamp" : {
              "Fn::SplitSelect" : [ {
                "Fn::SplitSelect" : [ "${iotda::mqtt::client_id}", "|", 2 ]
              }, "=", 1 ]
            }
          } ]
        }, "${iotda::device::secret}" ]
      }
    }
  },
  "create_time" : "20230810T070547Z",
  "update_time" : "20230810T070547Z"
}

Status Codes

Status Code

Description

200

OK

404

Not Found

Error Codes

See Error Codes.