Updated on 2022-12-05 GMT+08:00

AK/SK Authentication

This section describes how to use AK and SK to sign requests.
  • AK indicates the access key ID. It is a unique identifier associated with a secret access key and is used in conjunction with a secret access key to sign requests cryptographically.
  • SK indicates the secret access key used together with the access key ID to sign requests. AK and SK can be used together to identify a request sender to prevent the request from being modified.

Generating an AK and SK Pair

If an AK/SK pair has already been generated, skip this step. Find the downloaded AK/SK file, which is usually named credentials.csv.

As shown in the following figure, the file contains the username, access key ID, and secret access key.

Figure 1 Content of the credential.csv file
Perform the following procedure to generate an AK/SK pair:
  1. Log in to the management console.
  2. Click the username in the upper right corner and choose My Credentials from the drop-down list.
  1. On the My Credentials page, choose Access Keys.
  2. Click Create Access Key.
  3. Enter the password and verification code, and click OK to download the access key. Keep the access key secure.
Figure 2 Obtaining an access key

Generating a Signature

Generate a signature in the same way as in App authentication mode. Replace AppKey with AK and replace AppSecret with SK to complete the signing and request processing.

The client must synchronize the local time with the clock server to avoid a large offset in the value of X-Sdk-Date in the request header.

In addition to verifying the time format of X-Sdk-Date, ROMA Connect also verifies the time difference between the time specified by X-Sdk-Date and the actual time when the request is received. If the time difference exceeds 15 minutes, ROMA Connect rejects the request.