Authentication
Typical Scenario
This API is called by an NA for access authentication when the NA accesses open APIs of the IoT platform for the first time. After the authentication of the NA expires, the NA must call this API to perform authentication again so that the NA can continue to access open APIs of the IoT platform.
API Function
This API is used by an NA to get authenticated before accessing open APIs of the IoT platform for the first time.
Note
The Authentication API is the prerequisite for calling other APIs. app_key and Authorization must be carried in the request header when northbound APIs, except the Authentication API, are called. The value of app_key is the same as that of appId in the request. The value of Authorization is in the format of Authorization: Bearer {accessToken}. The value of accessToken is obtained by calling the Authentication API.
If you have obtained the accessToken for multiple times, only the last accessToken is valid, and the previous ones are invalid. Do not obtain the accessToken through concurrent attempts.
API Prototype
Method |
POST |
|---|---|
URL |
https://server:port/iocm/app/sec/v1.1.0/login |
Transport Protocol |
HTTPS |
Request Parameters
Parameter |
Mandatory or Optional |
Type |
Location |
Description |
|---|---|---|---|---|
appId |
Mandatory |
String(256) |
body |
Identifies an application that can be accessed on the IoT platform. The value of this parameter is allocated by the IoT platform when the application is created on the platform. |
secret |
Mandatory |
String(256) |
body |
Indicates a secret used to access the IoT platform. It maps to appId. The value of this parameter is allocated by the IoT platform when the application is created on the platform. |
Response Parameters
Status Code: 200 OK
Parameter |
Type |
Description |
|---|---|---|
scope |
String(256) |
Indicates the application permission scope, that is, the scope of IoT platform resources that can be accessed using the accessToken. This parameter has a fixed value of default. |
tokenType |
String(256) |
Indicates the type of the accessToken. This parameter has a fixed value of Bearer. |
expiresIn |
Integer(256) |
Indicates the validity period of the accessToken. This parameter has a fixed value of 3600 seconds. |
accessToken |
String(256) |
Indicates the authentication parameter that is used to access APIs of the IoT platform. |
refreshToken |
String(256) |
Indicates the authentication parameter that is used for the Refreshing a Token API. A refreshToken is valid for one month. When the accessToken is about to expire, you can call the Refreshing a Token API to obtain a new one. |
Request Example
Method: POST Request: https://server:port/iocm/app/sec/v1.1.0/login Content-Type: application/x-www-form-urlencoded appId=******&secret=******
Response Example
Response:
Status Code: 200 OK
Content-Type: application/json
Body:
{
"scope": "default",
"tokenType": "Bearer ",
"expiresIn": "*******",
"accessToken": "*******",
"refreshToken": "*******"
}
Error Code
HTTP Status Code |
Error Code |
Error Description |
Remarks |
|---|---|---|---|
400 |
100449 |
The device is freezed cant operate. |
The user does not have the operation permission. Recommended handling: Check whether the user corresponding to appId has the permission to call the API. |
400 |
102202 |
Required Parameter is null or empty. |
Mandatory fields cannot be left blank. Recommended handling: Check whether the mandatory parameters in the request are set. |
401 |
100208 |
AppId or secret is not right. |
appId or secret is incorrect. Recommended handling:
|
500 |
50252 |
Internal server error. |
An internal server error occurs. Recommended handling: An internal error occurs on the IoT platform. Contact IoT platform maintenance personnel. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
