STS introduction

Last Updated: Jul 03, 2017

The Alibaba Cloud Security Token Service (STS) provides short-term access permission management for Alibaba Cloud accounts (or RAM users). Through STS, you can issue federated users (who are managed in your local account system) with an access credential that customizes the expiration duration and access permission. Federated users can use STS temporary access credential to directly invoke Alibaba Cloud service API or log on to Alibaba Cloud Management Console to access authenticated resources.

Access point

The default STS access point is https://sts.aliyuncs.com. You must connect to the access point through HTTPS.

Glossary

Terminology Description
Federated identity Federated user identity is managed by the customer themselves.
Policy A language used to describe an authorization policy.
Grantor Authorization token issuer (Alibaba Cloud account or an RAM user)
Name Authorization token user (a federated user)
Thank you! We've received your feedback.