AccessToken
AccessToken is a security token used for authentication to access protected resources on the cloud development platform.
Token Types
Cloud Development Platform supports three token types:
- Access_token
- API Key
- Publishable Key
- Applicable Environment: Client/Server
- User Permissions: Logged-in user permissions
- Validity Period: Default 2 hours. After expiration, RefreshToken must be used for refresh. Can be managed at Cloud Development Platform/Identity Authentication/token
- Obtaining Method: Obtain via Username/Password Login or WebSDK/Authentication
Username/Password Login Example:
const axios = require('axios');
let data = JSON.stringify({
"username": "string",
"password": "string",
});
const res = await axios.request({
url: 'https://your-envId.api.tcloudbasegateway.com/auth/v1/signin',
method: 'post',
data
})
const access_token = res.data.access_token
const refresh_token = res.data.refresh_token
- Applicable Environment: Server
- User Permissions: Administrator permissions
- Validity Period: Permanent
- Obtaining Method: Obtain via Cloud Development Platform/ApiKey Management Page
⚠️ Note: Tokens are critical credentials for authentication. Please keep them secure. ApiKey is strictly prohibited from being used on the client side.
- Applicable Environment: Client/Server
- User Permissions: Anonymous user permissions
- Validity Period: Permanent
- Obtaining Method: Obtain via Cloud Development Platform/ApiKey Management Page
💡 Note: It can be exposed in browsers to request publicly accessible resources, which can effectively reduce MAU.
Usage
When calling HTTP API, add the token to the request header:
Authorization: Bearer <access_token/apikey/publishable_key>
When making the actual call, replace the entire part including the angle brackets (< >) with the key you obtained. For example, if the obtained key is eymykey, then enter it as:
Authorization: Bearer eymykey
Code Example
HTTP Request Example
curl -X POST "https://your-env-id.api.tcloudbasegateway.com/v1/functions/YOUR_FUNCTION_NAME" \
-H "Authorization: Bearer <access_token/apikey/publishable_key>" \
-H "Content-Type: application/json" \
-d '{
"name": "Zhang San",
"age": 25
}'
Assume the accesstoken obtained from the CloudBase Platform is eymykey, the environment ID is cloud1-abc, and the called function name is my-first-function, then the actual request is as follows:
curl -X POST "https://cloud1-abc.api.tcloudbasegateway.com/v1/functions/my-first-function" \
-H "Authorization: Bearer eymykey" \
-H "Content-Type: application/json" \
-d '{
"name": "Zhang San",
"age": 25
}'