This topic describes how to create and obtain an AccessKey pair for an Alibaba Cloud
account or a Resource Access Management (RAM) user. When you call an API operation,
you must use the AccessKey pair to verify your identity.
Background information
An AccessKey pair consists of an AccessKey ID and an AccessKey secret.
- The AccessKey ID is used to verify the identity of the user.
- The AccessKey secret is used to encrypt and verify the signature string. You must
keep your AccessKey secret strictly confidential.
Warning If the AccessKey pair of your Alibaba Cloud account is disclosed, your resources are
exposed to potential risks. We recommend that you use a RAM user to call API operations.
This minimizes the possibility of disclosing the AccessKey pair of your Alibaba Cloud
account.
Procedure
- Use an Alibaba Cloud account to log on to the Alibaba Cloud Management Console.
- Move the pointer over the profile picture in the upper-right corner of the page and
click AccessKey Management.
- In the Note dialog box, click Use Current AccessKey Pair or Use AccessKey Pair of RAM User.

- Obtain the AccessKey pair of an Alibaba Cloud account
- Click Use Current AccessKey Pair.
- On the AccessKey Management page, click Create AccessKey.
- In the Create AccessKey dialog box, view the AccessKey ID and AccessKey secret. You can click Download CSV File to download the AccessKey pair or click Copy to copy the AccessKey pair.

- Obtain the AccessKey pair of a RAM user
- Click Use AccessKey Pair of RAM User.
- On the Users page of the RAM console, find the RAM user whose AccessKey pair you want to obtain.
Note If you do not have a RAM user, create one first. For more information, see
Create a RAM user.
- Click the name of the RAM user in the User Logon Name/Display Name column.
- In the User AccessKeys section of the Authentication tab, click Create AccessKey.
- In the Create AccessKey dialog box, view the AccessKey ID and AccessKey secret. You can click Download CSV File to download the AccessKey pair or click Copy to copy the AccessKey pair.

Note
- The AccessKey secret is displayed only when you create an AccessKey pair and cannot
be queried in the future. You must keep your AccessKey secret confidential.
- If your AccessKey pair is disclosed or lost, you must create another AccessKey pair.
However, you can create a maximum of two AccessKey pairs for each RAM user.