Creates a temporary access Token.
Scenario
After verifying the permissions of an MQTT client, the application server calls this method to request a Token for this client from the MQTT Server. For more information, see Overview of token authentication.
Limits
The limit of requests per user is 500 times per second. For special needs, please submit work Order application.
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | ApplyToken | The operation that you want to perform. Value: ApplyToken |
| Actions | String | Yes | R | The permission type of the Token. Valid values:
|
| ExpireTime | Long | Yes | 1578399620000 | The timestamp when the Token expires. The minimum interval between expiration and expiration is 60 seconds. The maximum interval is 30 days. If the validity period of the value is longer than 30 days, no error is returned. However, the actual validity period is 30 days. |
| InstanceId | String | Yes | post-cn-0pp12gl**** | The ID of the MQTT instance, which must match the client-used instance ID. In the console instance details page. |
| Region ID | String | Yes | mq-internet-access | The Region where the message queue for MQTT instance is located. |
| Resources | String | Yes | TopicA/+ | The resource name that indicates an MQTT Topic. Multiple topics are separated by commas (,). Each Token can run and operate a maximum of 100 resources. If there are multiple topics, sort these topics in lexicographic order. The resource parameters registered while applying for the Token support the MQTT wildcard syntax, which includes one-level wildcard character (+) and multi-level wildcard character (#). For example, if you specify resources if the value is "Topic1/+", the client can operate any Topic of "Topic1/xxx"; If you specify resources if Topic1/# is specified, the consumer can operate on any level of Topic1/xxx/xxx/xxx topics. |
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| RequestId | String | 31782 AAF-D0CC-44C3-ABFD-1B500276F8CD | The ID of the request, which is a common parameter. Each request has a unique ID. |
| Token | String | LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng== | The Token returned by the server. Note Do not assume any length, format, or rules on the returned Token content. The actual returned value |
Examples
Sample requests
http(s)://onsmqtt.cn-hangzhou.aliyuncs.com/? Action=ApplyToken
&Actions=R
&ExpireTime=1578399620000
&InstanceId=post-cn-0pp12gl****
&RegionId=mq-internet-access
&Resources=TopicA/+
&<Common request parameters>Sample success responses
XML format
<RequestId>31782AAF-D0CC-44C3-ABFD-1B500276F8CD</RequestId>
<Token>LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng==</Token>JSON format
{
"RequestId": "31782AAF-D0CC-44C3-ABFD-1B500276F8CD",
"Token": "LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng=="
}Error codes
| HTTP status code | Error | Error message | Description |
|---|---|---|---|
| 404 | ApiNotSupport | The specified API is not supported. | The current interface is not supported. Please check. |
| 400 | ApplyTokenOverFlow | You have applied for tokens too many times. Please try again later. | Token application frequency is too high, system flow control, please try again. |
| 400 | CheckAccountInfoFailed | An error occurred while checking the account information by the STS token. | An error occurred while parsing the account information in the STS Token. |
| 400 | InstancePermissionCheckFailed | An error occurred while validating the permissions of the instance. Please verify the account that created the instance and its permissions settings. | The error message returned because the instance permission verification fails. Check the ownership and authorization policy of the MQTT instance. |
| 500 | InternalError | An error occurred while processing your request. Try again later. | The MQTT backend service is abnormal. Please try again. |
| 400 | ParameterCheckFailed | An error occurred while validating the parameters. The parameters may be missing or invalid. | The parameter verification fails. This parameter may be missing or invalid. |
| 400 | PermissionCheckFailed | An error occurred while validating the resource permissions. Please check the account that created the instance, topic, and GroupId, and check their permission settings. | The error message returned because the resource permission verification failed. Check the instance, Topic, and Group ID for their permissions and authorization policies. |
| 500 | SystemOverFlow | An error occurred while processing your request. Please try again. | System throttling. Please try again. |
| 400 | InvalidParameter.%s | An error occurred while validating the parameter. The parameter may be missing or invalid. | The parameter verification fails. This parameter may be missing or invalid. |
For a list of error codes, visit the API Error Center.