Updated on 2024-01-30 GMT+08:00

Authentication

You can use the following authentication method:

Token authentication: Requests are authenticated using tokens.

Token Authentication

The validity period of a token is 24 hours. When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token.

A token specifies temporary permissions in a computer system. During API authentication using a token, the token is added to requests to get permissions for calling the API. You can obtain a user token by calling the API for Obtaining a User Token.

A cloud service can be deployed globally or at the project level.

  • A project-level service requires a project-level token. When you call the API, set auth.scope in the request body to project.
  • A global service requires a global token. When you call the API, set auth.scope in the request body to domain.

A project-level token is required for calling APIs of the DRS service. As such, set auth.scope in the request body to project when you call the API for obtaining a user token.

{ 
     "auth": { 
         "identity": { 
             "methods": [ 
                 "password" 
             ], 
             "password": { 
                 "user": { 
                     "name": "username", 
                     "password": "********", 
                     "domain": { 
                         "name": "domainname" 
                     } 
                 } 
             } 
         }, 
         "scope": { 
             "project": { 
                 "name": "projectname" 
             } 
         } 
     } 
 }

In section 3.1 Making an API Request, the process of calling the API used to obtain a user token is described. After a token is obtained, add the X-Auth-Token header field must be added to requests to specify the token when calling other APIs. For example, if the token is ABCDEFJ...., X-Auth-Token: ABCDEFJ.... can be added to a request as follows:

POST https://iam.cn-north-1.myhuaweicloud.com/v3/auth/projects 
Content-Type: application/json 
X-Auth-Token: ABCDEFJ....