Help Center/ ServiceStage/ Service Overview/ Security/ Authentication and Access Control
Updated on 2024-12-16 GMT+08:00

Authentication and Access Control

Authentication

Users can access ServiceStage through its console or RESTful APIs. In essence, requests are sent through REST APIs provided by ServiceStage. You can use either of the following authentication methods to call APIs:

  • Token authentication: Requests are authenticated using tokens. During token-based API authentication, the token is added to requests to get permissions for calling the API.
  • AK/SK-based authentication: Requests are encrypted using an AK/SK pair A request must contain a signature value. The signature value is calculated based on the AK/SK of the requester and the specific information carried in the request body. AK/SK authentication is used to authenticate the identity of a request sender. For more information about access keys and how to obtain them, see Access Keys.

Access Control

ServiceStage helps you set different access permissions for employees in an enterprise to isolate permissions of different employees. You can use Identity and Access Management (IAM) to implement fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, enabling secure access to your cloud resources.

With IAM, you can use your public cloud account to create IAM users for your employees, and assign permissions to the users to control their access to specific resource types. For example, some software developers in your enterprise need to use ServiceStage resources but must not delete them or perform any high-risk operations. To achieve this result, you can create IAM users for the software developers and grant them only the permissions required for using ServiceStage resources.