This topic describes how to install Security Token Service (STS) SDK for Java and provides an example about how to use STS SDK for Java.

Background information

  • To use STS SDK for Java, you must install the core library of Alibaba Cloud SDK for Java (aliyun-java-sdk-core) and the STS SDK (aliyun-java-sdk-sts).
  • Alibaba Cloud provides OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to debug API operations and dynamically generate SDK sample code.
  • For more information about STS API operations, see What is STS?.
  • For more information about STS endpoints, see Endpoints.

Install the SDK for Java

  • Method 1: (Recommended) Add dependencies by using Maven
    1. Use Maven to create a project.
      mvn archetype:generate -DgroupId=com.aliyun.sts.sample \
      -DartifactId=sts-sdk-sample \
      -Dpackage=com.aliyun.sts.sample \
    2. Add the following dependencies to the pom.xml file of the project:
      Note You can obtain the latest version of the aliyun-java-sdk-core package from the Maven repository.
  • Method 2: Download the JAR packages of the SDKs and add the packages to your project

    You can use this method to install the SDKs for Java regardless of whether you are using Eclipse or IntelliJ as the integrated development environment (IDE). You can download the JAR packages of the SDKs from the following links:


The following sample code provides an example on how to call the AssumeRole operation by using the SDK for Java. For other operations, you can use OpenAPI Explorer to debug the operations and obtain sample code.

import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.IAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.exceptions.ServerException;
import com.aliyuncs.profile.DefaultProfile;
import java.util.*;
import com.aliyuncs.sts.model.v20150401.*;

public class AssumeRole {

    public static void main(String[] args) {
        // Construct an Alibaba Cloud client to initiate requests. 
        // Specify the AccessKey ID and AccessKey secret of the requester. The requester can be a Resource Access Management (RAM) user or a RAM role. 
        DefaultProfile profile = DefaultProfile.getProfile("cn-hangzhou", "<accessKeyId>", "<accessSecret>");
        IAcsClient client = new DefaultAcsClient(profile);

        // Construct a request and specify request parameters. For more information about the parameters, see API Reference. 
        AssumeRoleRequest request = new AssumeRoleRequest();
        // Initiate the request and obtain a response. 
        try {
            AssumeRoleResponse response = client.getAcsResponse(request);
            System.out.println(new Gson().toJson(response));
        } catch (ServerException e) {
        } catch (ClientException e) {
            System.out.println("ErrCode:" + e.getErrCode());
            System.out.println("ErrMsg:" + e.getErrMsg());
            System.out.println("RequestId:" + e.getRequestId());