Skip to main content

Identity Authentication

TCB HTTP Access Service supports enabling the authentication feature to ensure that only authenticated legitimate users can access your services. This document guides you on how to enable authentication and correctly use authorization information in requests across different platforms.

What is HTTP Authentication

HTTP Authentication is a security mechanism used to verify the identity of users accessing HTTP services. By enabling this feature, you can:

  • Protect your HTTP service from unauthorized access
  • Track and log user access activities
  • Provide personalized service content based on user identity

Enabling HTTP Authentication

  1. Log in to the TCB console and go to the HTTP Access Service management page
  2. In the domain-associated resources list, locate the path that requires authentication.
  3. Click the authentication switch for the corresponding path to enable authentication.

HTTP Authentication Settings

Important Note

After identity authentication is enabled:

  • Browser access: The system will automatically redirect to the login page. After successful login, the user will be automatically redirected back to the original page.
  • API Calls: Requests without valid authentication information will return a 401 Unauthorized error.
  • Mini Program/mobile applications: Authentication information needs to be obtained and carried via the SDK.

Using Authentication Information in HTTP Requests

const axios = require("axios");
const cloudbase = require("@cloudbase/js-sdk");

// Initialize the SDK
const app = cloudbase.init({
    env: env: "Your environment ID" // Replace with your TCB environment ID
});
const auth = app.auth();

// User login (example using account password login)
await auth.signIn({
    username: "your username",
    password: "your password"
});

// Obtain token
const {
    accessToken
} = await auth.getAccessToken();

// Make an authenticated HTTP request
axios({
        url: url: "custom path",
        method: "post",
        headers: {
            'Authorization': `Bearer ${accessToken}`,
            'Content-Type': 'application/json'
        },
        data: {
            name: name: "TCB",
            action: "action: "test authentication"
        }
    })
    .then(response => {
        console.log("Request succeeded:", response.data);
    })
    .catch(error => {
        console.error("Request failed:", error);
    });