Updated on 2024-08-02 GMT+08:00

Authenticating the API Request

Token authentication is required to call an ESM API.

Token Authentication

The validity period of a token is 24 hours. When using a token for authentication, cache it to avoid frequently calls to the API.

A token specifies temporary permissions in a computer system.

During API authentication using a token, the token is added to a request to get permissions for calling the API. Obtain it by calling the API for obtaining a user token.

A cloud service can be deployed as either a project-level service or global service, where,

  • For a project-level service, obtain a project-level token. When you call the API, set auth.scope in the request body to project.
  • For a global service, obtain a global token. When you call the API, set auth.scope in the request body to domain.

Message & SMS is a project-level service. When you call the API for obtaining a user token, set auth.scope in the request body to project.

{ 
      "auth": { 
          "identity": { 
              "methods": [ 
                  "password" 
              ], 
              "password": { 
                  "user": { 
                      "name": "username", 
                      "password": "********", 
                      "domain": { 
                          "name": "domainname" 
                      } 
                  } 
              } 
          }, 
          "scope": { 
              "project": { 
                     "name": "xxxxxxxx" 
              } 
          } 
     } 
  }

After a token is obtained, the X-Auth-Token header must be added to requests to specify the token when calling other APIs. For example, if the token is ABCDEFJ...., add X-Auth-Token: ABCDEFJ.... to a request as follows:

POST https://esm-api.cn-south-1.myhuaweicloud.com/meter/v1/{domain_id}/query-jobs
Content-Type: application/json 
X-Auth-Token: ABCDEFJ....