Help Center/ CodeArts TestPlan/ Service Overview/ Security/ Authentication and Access Control
Updated on 2023-04-23 GMT+08:00

Authentication and Access Control

Authentication

You can access CodeArts TestPlan using its UI, APIs, and SDKs. Regardless of the access mode, your requests are sent through REST APIs provided by CodeArts TestPlan.

CodeArts TestPlan APIs can be accessed only after requests are authenticated.

CodeArts TestPlan supports two authentication modes:

  • Token: Requests are authenticated using tokens. By default, token authentication is required to access the CodeArts TestPlan console.
  • AK/SK: Requests are encrypted using an AK/SK. This method is recommended because it provides higher security than token-based authentication.

Access Control

CodeArts TestPlan controls user operations in two ways.

  • Role permission control: Roles and permissions are required for adding, deleting, modifying, and querying objects such as test plans, cases, suites, reports, and customized settings of CodeArts TestPlan.
  • Fine-grained permission control (IAM): Operations such as querying tenant projects, setting project creators, and managing tenant project member lists require fine-grained authorization from IAM.