You can send HTTP GET requests to call the TDS API. Before you send a request, specify the request parameters for the specific operation. A response is returned for each request. Requests and responses are encoded using UTF-8.

Request structure

The TDS API is a Remote Procedure Call (RPC) API. You can call this API by sending HTTP GET requests.

The request structure is as follows:

https://Endpoint/?Action=xx&Parameters
Specifically:
  • Endpoint: The endpoint of the TDS API is tds.aliyuncs.com.
  • Action: The operation that you want to perform. For example, you can use the DescribeAlarmEventList operation to obtain a list of the alert events.
  • Version: The version of the API that you call. The current TDS API version is 2018-12-03.
  • Parameters: the request parameters. Separate multiple parameters with ampersands (&).

    The request parameters include common parameters and API-specific parameters. Common parameters include the API version number and identity verification information. For more information, see Common parameters.

The following is an example request that calls the DescribeAlarmEventList operation to obtain a list of alert events.
Note The examples in this document are formatted to improve readability.
http(s)://tds.aliyuncs.com/? Action=DescribeAlarmEventList
&Format=xml 
&Version=2018-12-03
&Signature=xxxx%xxxx%3D 
&SignatureMethod=HMAC-SHA1 
&SignatureNonce=15215528852396 
&SignatureVersion=1.0 
&AccessKeyId=key-test 
&TimeStamp=2012-06-01T12:00:00Z
...

API authorization

To ensure the security of your account, we recommend that you call the TDS API as a RAM user. Before calling the TDS API as a RAM user, you must create a RAM user and grant it corresponding permissions.

API signature

To ensure the security of your API, you must sign the API request. TDS uses the signature in the request for identity verification.

TDS implements symmetric encryption through AccessKey ID and AccessKey Secret to authenticate the request sender. An AccessKey pair is an identity credential issued to Alibaba Cloud accounts and RAM users. It is similar to a user logon password. The AccessKey ID is used to verify the identity of the user. The AccessKey Secret is used to encrypt the signature string and is also used by the server to verify the signature string. The AccessKey Secret must be kept confidential.

For an RPC API, you must add the signature to the API request in the following format:
https://endpoint/?SignatureVersion=1.0&SignatureMethod=HMAC-SHA1&Signature=CT9X0VtwR86fNWSnsc6v8YGOjuE%3D&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf
Take the DescribeAlarmEventList operation as an example. If the AccessKey ID is testid and the AccessKey Secret is testsecret, the original request URL is as follows:
https://tds.aliyuncs.com/?Action=DescribeAlarmEventList
&TimeStamp=2016-02-23T12:46:24Z 
&Format=XML 
&AccessKeyId=testid 
&SignatureMethod=HMAC-SHA1 
&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf
&Version=2018-01-17
&SignatureVersion=1.0 
To calculate the signature, perform the following operations:
  1. Use the request parameters to create a query string to sign.
    GET&%2F&AccessKeyId%3Dtestid&Action%3DDescribeAlarmEventList&Format%3DXML&SignatureMethod%3DHMAC-SHA1&SignatureNonce%3D3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf&SignatureVersion%3D1.0&TimeStamp%3D2016-02-23T12%253A46%253A24Z&Version%3D2018-12-03 
  2. Calculate the HMAC value of the string to sign.
    Append an ampersand (&) to the AccessKey Secret, which will be used as the key to calculate the HMAC value. In this example, the key is testsecret&.
    CT9X0VtwR86fNWSnsc6v8YGOjuE=
  3. Add the signature to the request URL:
    https://tds.aliyuncs.com/?Action=DescribeAlarmEventList
    &TimeStamp=2016-02-23T12:46:24Z 
    &Format=XML 
    &AccessKeyId=testid 
    &SignatureMethod=HMAC-SHA1 
    &SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0ad82fd6cf
    &Version=2018-12-03
    &SignatureVersion=1.0 
    &Signature=CT9X0VtwR86fNWSnsc6v8YGOjuE%3D