Creates a temporary access Token.


After verifying the permissions of an MQTT client, the application server calls this method to request a Token for this client from the MQTT Server. For more information, see Token Authentication overview.


The limit of requests per user is 1000 times per second. For special needs, please submit work Order application.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ApplyToken

The operation that you want to perform. Value: ApplyToken

Operation String Yes R

The permission type of the Token. Valid values:

  • R: only read permission is available.
  • W: only write permission is available.
  • R,W: WAF has both read and write permissions. R and W they must be separated by commas (,).
ExpireTime Long   Yes 1578399620000

The timestamp when the Token expires. The minimum interval between expiration and expiration is 60 seconds. The maximum interval is 30 days. If the validity period of the value is longer than 30 days, no error is returned. However, the actual validity period is 30 days.

InstanceId String Yes post-cn-0pp12gl****

The ID of the MQTT instance, which must match the client-used instance ID. In the console instance details page.

RegionId String Yes mq-internet-access

The Region where the message queue for MQTT instance is located.

Resources String Yes TopicA/+

The resource name that indicates an MQTT Topic. Multiple topics are separated by commas (,). Each Token can run and operate a maximum of 100 resources. If there are multiple topics, sort these topics in lexicographic order.

The resource parameters registered while applying for the Token support the MQTT wildcard syntax, which includes one-level wildcard character (+) and multi-level wildcard character (#).

For example, if you specify resources if the value is "Topic1/+", the client can operate any Topic of "Topic1/xxx"; If you specify resources if Topic1/# is specified, the consumer can operate on any level of Topic1/xxx/xxx/xxx topics.

Response parameters

Parameter Type Example Description
RequestId String 31782 AAF-D0CC-44C3-ABFD-1B500276F8CD

The ID of the request, which is a common parameter. Each request has a unique ID to facilitate troubleshooting and fault locating.

Token String LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng==

The Token returned by the server.

Note Do not assume any length, format, or rules on the returned Token content.


Sample requests

http(s)://[Endpoint]/? Action=ApplyToken
&<Common request parameters>

Sample success responses

XML format


JSON format

  "RequestId": "31782AAF-D0CC-44C3-ABFD-1B500276F8CD",
  "Token": "LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng=="

Error codes

HTTP status code Error code Error message Description
404 ApiNotSupport The specified API is not supported. The current interface is not supported. Please check
400 ApplyTokenOverFlow You have applied for tokens too many times. Please try again later. token application frequency is too high, system flow limit, please try again
400 CheckAccountInfoFailed An error occurred while checking the account information by the STS token. An error occurred while parsing the account information in the sts token.
400 InstancePermissionCheckFailed An error occurred while validating the permissions of the instance. Please verify the account that created the instance and its permissions settings. The error message returned because the instance permission verification fails. Check the ownership and authorization policy of the MQTT instance.
500 InternalError An error occurred while processing your request. Try again later. The MQTT backend service is abnormal. Please try again.
400 ParameterCheckFailed An error occurred while validating the parameters. The parameters may be missing or invalid. Parameter verification failed because it may be missing or invalid.
400 PermissionCheckFailed An error occurred while validating the resource permissions. Please check the account that created the instance, topic, and GroupId, and check their permission settings. Failed to obtain the resource permission. Check the permission and authorization policy of the instance, Topic, and GroupId.
500 SystemOverFlow An error occurred while processing your request. Please try again. System throttling. Please try again.
400 InvalidParameter.%s An error occurred while validating the parameter. The parameter may be missing or invalid. Parameter verification failed because it may be missing or invalid.

For a list of error codes, visit the API Error Center.