When you need to provide temporary access permissions to third-party applications or users, or you want to strictly control high-risk operations such as accessing or deleting sensitive data, you can obtain a temporary authentication token. The temporary authentication token is valid for 60 seconds, which prevents direct exposure of long-term API keys and reduces the risk of leakage.
Prerequisites
You have activated Alibaba Cloud Model Studio and obtained an API key.
We recommend that you configure the API key as an environment variable to reduce the risk of API key leakage.
Send request
Request example
Currently, only HTTP requests are supported.
curl -X POST https://dashscope-intl.aliyuncs.com/api/v1/tokens \
-H "Authorization: Bearer $DASHSCOPE_API_KEY" Sample response
Sample success response
{
"token":"st-****",
"expires_at":1744080369
}Sample error response
{
"code":"InvalidApiKey",
"message":"Invalid API-key provided.",
"request_id":"902fee3b-f7f0-9a8c-96a1-6b4ea25af114"
}Response parameters
Parameter | Optional | Type | Description | Example |
token | Yes | String | The short-term token generated from the API key, valid for 60 seconds. | st-**** |
expires_at | Yes | Long | The expiration time in Unix timestamp (seconds). | 1738916382 |
code | Yes | String | The error code. | InvalidApiKey: Invalid API key error code Throttling.RateQuota: Rate limiting error code SystemError: Internal error |
message | Yes | String | The error message. | Invalid API-key provided. |
request_id | Yes | String | The request ID. | 902fee3b-f7f0-9a8c-96a1-6b4ea25af114 |
Error codes
If the call failed and returned an error message, see Error messages for troubleshooting.