Log Service allows you to embed console pages into a self-managed website. The pages
include query and analysis pages and dashboard pages in the Log Service console. This
way, you can easily view log data.
Background information
After you configure collection and index settings in the Log Service console, you
can use the query and analysis pages and dashboard pages. In addition, you can share
the pages to other users so that the users can view data on the pages. However, the
share method involves multiple RAM users, which increases the costs of Resource Access
Management (RAM) user management. Therefore, Log Service provides the feature that
allows you to embed query and analysis pages and dashboard pages into a self-managed
website. This way, you can access the pages without the need to log on to the Log
Service console. You can also use RAM to control access to the pages. For example,
you can grant read-only permissions to a RAM user that accesses the pages. For more
information, see Step 2: Grant permissions to the RAM user.
The following figure shows the access process.

Procedure
- Log on to your self-managed website and use Security Token Service (STS) to obtain
a temporary AccessKey pair and an STS token.
- Call STS SDK to generate a logon token that is used to log on to Log Service.
Note The STS token may contain special characters. Before you use the STS token, you must
URL encode the special characters.
Sample request:
http://signin-intl.aliyun.com/federation?Action=GetSigninToken
&AccessKeyId=<The AccessKey ID of the temporary AccessKey pair that is returned by STS>
&AccessKeySecret=<The AccessKey secret of the temporary AccessKey pair that is returned by STS>
&SecurityToken=<The token that is returned by STS>
&TicketType=mini
- Change the validity period of the logon token.
By default, the validity period of a logon token ranges from 15 minutes to 60 minutes.
You can perform the following operations to change the maximum validity period of
your logon token to 12 hours:
- In the RAM console, change the value of the Maximum Session Duration parameter to 12 hours for the RAM
role that you use.
- In the RAM console, change the value of the Logon Session Validity Period parameter to 12 hours for
the RAM user that you use.
- Change the value of the setDurationSeconds field that is included in the logon-free code to 43200L.
The following example shows the logon-free code that is written in Java. For more
information, visit
Java code.
AssumeRoleRequest assumeRoleReq = new AssumeRoleRequest();
assumeRoleReq.setRoleArn(roleArn);
assumeRoleReq.setRoleSessionName(roleSession);
assumeRoleReq.setMethod(MethodType.POST);
assumeRoleReq.setDurationSeconds(43200L);
- Generate a logon-free URL.
- Obtain the URL of the Log Service page that you want to use.
- Complete query and analysis page:
https://sls4service.console.aliyun.com/lognext/project/<Project name>/logsearch/<Logstore name>?hideTopbar=true&hideSidebar=true
- Query page:
https://sls4service.console.aliyun.com/lognext/project/<Project name>/logsearch/<Logstore name>?isShare=true&hideTopbar=true&hideSidebar=true
- Dashboard page:
https://sls4service.console.aliyun.com/lognext/project/<Project name>/dashboard/<Dashboard ID>?isShare=true&hideTopbar=true&hideSidebar=true
Note The preceding Dashboard ID appears only in the URL of a dashboard page. The ID is not the name that appears
on the dashboard.
- Generate a logon-free URL by using the logon token and the page URL.
Sample request:
http://signin-intl.aliyun.com/federation?Action=Login
&LoginUrl=<The URL to which you are redirected when your logon fails. Generally, specify the URL to which you are redirected when the HTTP status code 302 is returned on your self-managed website. You must use encodeURL to transcode the URL. >
&Destination=<The URL of a query and analysis page or a dashboard page in the Log Service console. If parameters exist, you must use encodeURL to transcode the parameters. >
&SigninToken=<The logon token that is obtained. You must use encodeURL to transcode the token. >
Examples
The following links provide sample code that is written in PHP, Python, and Go: