Authentication

AK/SK-based Authentication

• AK/SK-based authentication supports API requests with a body not larger than 12 MB. For API requests with a larger body, token-based authentication is recommended.
• You can use the AK/SK in a permanent or temporary access key. The X-Security-Token field must be configured if the AK/SK in a temporary access key is used, and the field value is security_token of the temporary access key.

In AK/SK-based authentication, AK/SK is used to sign requests and the signature is then added to the request headers for authentication.

• AK: access key ID, which is a unique identifier used in conjunction with a secret access key to sign requests cryptographically.
• SK: secret access key used in conjunction with an AK to sign requests cryptographically. It identifies a request sender and prevents the request from being modified.

In AK/SK-based authentication, you can use an AK/SK to sign requests based on the signature algorithm or using the signing SDK to sign requests. For details about how to sign requests and use the signing SDK, see API Request Signing Guide.

The signing SDK is only used for signing requests and is different from the SDKs provided by services.