Help Center/ CodeArts Req/ Service Overview/ Security/ Authentication and Access Control
Updated on 2024-05-16 GMT+08:00

Authentication and Access Control

Authentication

You can access CodeArts Req using its user interface, APIs, and SDKs. Regardless of the access mode, your requests are sent through REST APIs provided by CodeArts Req.

CodeArts Req APIs can be accessed only after requests are authenticated.

CodeArts Req supports two authentication modes:

  • Token: Requests are authenticated using tokens. By default, token authentication is required to access the CodeArts Req console.
  • AK/SK: Requests are encrypted using an AK/SK. This method is recommended because it provides higher security than token-based authentication.

For more authentication details and how to obtain tokens and signatures, see Authentication.

Access Control

CodeArts Req controls operations by:

  • Role permission control: Roles and permissions are required for adding, deleting, modifying, and querying objects such as work items, sprints, plans, reports, documents, and custom settings of CodeArts Req.
  • Fine-grained permission control: Operations such as querying tenant projects, setting project creators, and managing tenant project member lists require fine-grained authorization from Identity and Access Management (IAM).