All Products
Search
Document Center

ApsaraMQ for RabbitMQ:CreateAccount

Last Updated:Apr 24, 2026

When an open-source client accesses an ApsaraMQ for RabbitMQ server, it must provide a username and password for authentication. ApsaraMQ for RabbitMQ lets you generate a username and password from an AccessKey ID and AccessKey secret provided by Resource Access Management (RAM).

Operation description

Background information

When an open-source client accesses an ApsaraMQ for RabbitMQ server, it must provide a username and password for authentication. The client can access the server after the authentication is successful. ApsaraMQ for RabbitMQ lets you generate a username and password from an AccessKey ID and AccessKey secret provided by RAM.

Notes

  • The instance for which you create a static username and password must be in the In Service state.

  • An AccessKey and a static username and password have a one-to-one mapping within an instance. This means you can create only one static username and password for each AccessKey in an instance.

  • To update a static username and password, delete the existing one and create a new one.

Username calculation sample code

The value of the userName request parameter is a Base64-encoded string. This string is constructed from the instance ID and the AccessKey ID. The following sample code shows how to calculate the value:

import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class Base64Utils {
    public static final Charset UTF8 = StandardCharsets.UTF_8;

    /**
     * Decode a Base64 string
     *
     * @param str
     * @return
     */
    public static String decode(String str) {
        return new String(Base64.getDecoder().decode(str.getBytes(UTF8)), UTF8);
    }

    public static String encode(String bytes) {
        return new String(Base64.getEncoder().encode(bytes.getBytes(UTF8)), UTF8);
    }

    public static void main(String[] args) {
        // Construct a string from your instance ID and the AccessKey ID of the account that was used to purchase the instance.
        String str = "2:${instanceId}:${ak}";

        // Generate the userName for the API call.
        String userName = encode(str);
        System.out.println("userName=" + userName);

        String decodeStr = decode(userName);
        System.out.println("originStr=" + decodeStr);
    }
}

Signature algorithm sample code

The values of the signature and secretSign request parameters are calculated using an encryption algorithm. The algorithm uses the creation timestamp of the static username and the AccessKey secret. The following sample code shows the algorithm:

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

public class SignatureUtils {

    public static String hamcsha1(byte[] data, byte[] key) throws NoSuchAlgorithmException, InvalidKeyException {
        SecretKeySpec signingKey = new SecretKeySpec(key, "HmacSHA1");
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(signingKey);
        return byte2hex(mac.doFinal(data));
    }

    public static String byte2hex(byte[] b) {
        StringBuilder hs = new StringBuilder();
        String stmp;
        for (int n = 0; b != null && n < b.length; n++) {
            stmp = Integer.toHexString(b[n] & 0XFF);
            if (stmp.length() == 1) {
                hs.append('0');
            }
            hs.append(stmp);
        }
        return hs.toString().toUpperCase();
    }

    public static void main(String[] args) throws InvalidKeyException, NoSuchAlgorithmException {
        // createTimestamp is the createTimestamp parameter of the API.
        String createTimestamp = String.valueOf(System.currentTimeMillis());
        System.out.println("timestamp:" + createTimestamp);

        // The AccessKey secret of your account.
        String sk = "${sk}";

        // Generate the SecretSign for the API call.
        String SecretSign = hamcsha1(sk.getBytes(), createTimestamp.getBytes());
        System.out.println("SecretSign:" + SecretSign);

        // Generate the signature for the API call.
        String signature = hamcsha1(createTimestamp.getBytes(), sk.getBytes());
        System.out.println("signature:" + signature);
    }
}

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter

Type

Required

Description

Example

instanceId

string

Yes

The ID of the ApsaraMQ for RabbitMQ instance. This specifies the instance for which you want to create a static username and password.

amqp-cn-*********

accountAccessKey

string

Yes

The AccessKey ID of your Alibaba Cloud account or RAM user. For more information about how to obtain an AccessKey ID, see Create an AccessKey.

Note

If you use the AccessKey of a RAM user to create a static username and password to access ApsaraMQ for RabbitMQ and to send and receive messages, make sure that the RAM user is granted the required permissions. For more information, see RAM access policies.

yourAccessKeyID

userName

string

Yes

The static username that you want to create.

The value of this parameter is a Base64-encoded string that is constructed from the instance ID and the AccessKey ID. For more information about how to calculate the value, see the Username calculation sample code section in this topic.

Mjo****************

signature

string

Yes

The signature. The system calculates the static password based on the signature, the AccessKey secret signature, and the username.

The signature is calculated using the HmacSHA1 algorithm on the creation timestamp of the specified username and the AccessKey ID. For more information about how to calculate the signature, see the Signature algorithm sample code section in this topic.

22c2d7d1769cb53c5a6d9213248e2de524******

createTimestamp

integer

Yes

The timestamp that indicates when the username and password are created. Unit: milliseconds.

Note

This timestamp is used to calculate the static password. You can customize this value. This is not the timestamp that the system generates when the username and password are created.

1671175303522

secretSign

string

Yes

The signature of the AccessKey secret. The system calculates the static password based on the signature, the AccessKey secret signature, and the username.

The AccessKey secret signature is calculated using the HmacSHA1 algorithm on the creation timestamp of the specified username and the AccessKey ID. For more information about how to calculate the signature, see the Signature algorithm sample code section in this topic.

4c1a6367ce4c4255e9617326f9133ac635******

Remark

string

No

The remarks on the static user.

*** environment

Response elements

Element

Type

Description

Example

object

The returned result.

RequestId

string

The request ID.

FEBA5E0C-50D0-4FA6-A794-4901E5465***

Code

integer

The return code. A value of 200 indicates that the request was successful.

200

Message

string

The returned message.

operation success

Success

boolean

Indicates whether the request was successful.

true

Data

object

The returned data.

AccessKey

string

The AccessKey ID that is used to create the username and password.

LTAI****************

Password

string

The created static password.

OUYwQzM2QjZBRkUxNDRFM***************MzZCNzdDQzoxNjcxNDMwMzkyODI1

CreateTimeStamp

integer

The timestamp when the username and password were created. Unit: milliseconds.

1671175303522

InstanceId

string

The ID of the ApsaraMQ for RabbitMQ instance.

amqp-cn-*********

MasterUId

integer

The ID of the Alibaba Cloud account or RAM user that owns the AccessKey. The AccessKey is used to create the static username and password.

1565***********01

UserName

string

The created static username.

MjphbXFwLWNuLXVxbTJ6cjc2djAwMzpMVEFJNX*******ZNMWVSWnRFSjZ2Zm8=

Remark

string

The remarks.

***环境

Examples

Success response

JSON format

{
  "RequestId": "FEBA5E0C-50D0-4FA6-A794-4901E5465***",
  "Code": 200,
  "Message": "operation success",
  "Success": true,
  "Data": {
    "AccessKey": "LTAI****************",
    "Password": "OUYwQzM2QjZBRkUxNDRFM***************MzZCNzdDQzoxNjcxNDMwMzkyODI1",
    "CreateTimeStamp": 1671175303522,
    "InstanceId": "amqp-cn-*********",
    "MasterUId": 0,
    "UserName": "MjphbXFwLWNuLXVxbTJ6cjc2djAwMzpMVEFJNX*******ZNMWVSWnRFSjZ2Zm8=",
    "Remark": "***环境"
  }
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.