Help Center/ Optical Character Recognition/ Service Overview/ Security/ Identity Authentication and Access Control
Updated on 2022-11-10 GMT+08:00

Identity Authentication and Access Control

Identity Authentication

You can use OCR services through the console, APIs, or SDKs. Essentially, access requests are sent through OCR RESTful APIs.

You can use either of the following authentication methods to call OCR APIs:

  • Token authentication: Requests are authenticated using a token.
  • AK/SK-based authentication. Requests are encrypted using access key ID (AK)/secret access key (SK). An authenticated request must contain a signature value. The signature value is calculated based on the requestor's access key (AK/SK) as the encryption factor and the specific information carried in the request body. OCR supports authentication using an access key (AK/SK pair). It uses AK/SK-based encryption to authenticate requests. For details about access keys and how to obtain them, see Authentication.

Access Control

OCR supports access control through permissions (IAM permissions).

Table 1 Table 1 OCR access control

Method

Description

Permission Control

IAM permissions

IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources. After an IAM user is created, the administrator adds it to a user group. The administrator can grant the user group required OCR access permissions and all users in this group then inherit the granted permissions.

Agency authorization

To use data stored on OBS, you can authorize OCR to access OBS.