Skip to main content

Authentication

HTTP authentication is a security mechanism used to verify the identity of users accessing HTTP services. By enabling this feature, you can:

  • Protect your HTTP services from unauthorized user access
  • Track and record user access behavior
  • Provide personalized service content based on user identity

Enable HTTP Authentication

  1. Log in to the CloudBase console and go to HTTP Access Service Management
  2. In the domain associated resources list, find the path that requires authentication
  3. Click the "Authentication" toggle for the corresponding path to enable authentication

HTTP Authentication Settings

Access Behavior After Enabling Authentication

After enabling authentication, different types of requests will be handled differently:

Request TypeBehavior DescriptionApplicable Scenarios
Direct Browser AccessSystem automatically redirects to login page, and after successful login, automatically redirects back to original pageUser opens link in browser
Server-side API CallRequests without valid authentication information return MISSING_CREDENTIALS error codeBackend services, script API calls
Web ApplicationNeed to obtain accessToken via Web SDK and carry it in request headersFrontend web application API calls
Important Note

Browser access and server-side calls are two different scenarios:

  • Browser access: User enters URL in address bar or clicks link, system automatically handles login redirect
  • Server-side call: Code initiates requests via HTTP client (like axios, fetch), must carry valid Authorization parameter in request headers

Use Authentication Information in HTTP Requests

Prerequisites

Before using the following examples, please ensure:

  1. Authentication feature has been enabled in CloudBase console
  2. User login methods have been configured (such as username/password login, mobile login, etc.)
  3. User has completed login and obtained valid accessToken

Token Types

CloudBase supports multiple token types for authentication:

Token TypeApplicable EnvironmentUser PermissionsValidity PeriodAcquisition Method
Access TokenClient/ServerLogged-in user permissionsDefault 2 hoursObtained after logging in via Web SDK
API KeyServerAdministrator permissionsLong-term validCloudBase Console - API Key Management
Publishable KeyClient/ServerAnonymous user permissionsLong-term validCloudBase Console - API Key Management
Important Note
  • API Key has administrator privileges, strictly prohibited to use on the client side, only for server-side environment
  • Publishable Key can be safely exposed in browsers, used for requesting publicly accessible resources
  • All tokens are critical credentials for authentication, please keep them secure
const cloudbase = require("@cloudbase/js-sdk");

// Initialize SDK
const app = cloudbase.init({
    env: "Your Environment ID" // Replace with your CloudBase environment ID
});
const auth = app.auth();

// User login (example using username/password login)
await auth.signIn({
    username: "your username",
    password: "your password"
});

// Get token
const { accessToken } = await auth.getAccessToken();

// Use fetch to make authenticated HTTP request
fetch('https://Your Environment ID.service.tcloudbase.com/api/function', {
    method: 'POST',
    headers: {
        'Authorization': `Bearer ${accessToken}`,
        'Content-Type': 'application/json'
    },
    body: JSON.stringify({
        name: "CloudBase",
        action: "Test Authentication"
    })
})
.then(response => response.json())
.then(data => {
    console.log("Request successful:", data);
})
.catch(error => {
    console.error("Request failed:", error);
});