AccessToken,即访问令牌。接口调用必备的公共参数之一,用于校验接口访问/调用是否有权限,有效期为7天,有效期内不需要重复申请,可以重复使用。
萤石支持两种oAuth授权方式获取AccessToken(推荐使用方式1 Client Credentials Grant):
使用AppKey和Secret直接换取AccessToken,一般在服务端调用(出于安全考虑)再由您自己的云服务下发给客户端SDK使用,接口见:获取Token,RFC 6749(oAuth标准)解释见:Client Credentials Grant
+---------+ +---------------+ | | | | | |>--(A)- Client Authentication --->| Authorization | | Client | | Server | | |<--(b)---- access="" token="">--(b)----><| |="" |="" |="" |="" |="" +---------+="">|>
使用客户端SDK嵌入的H5登录页,用户登录后SDK可以获取到AccessToken,注意:这里需要您的应用使用萤石账户体系,如无需和萤石账户互动,请使用Client Credentials Grant方式。接口见SDK的API文档,RFC 6749(oAuth标准)解释见:Implicit Grant
+----------+ | Resource | | Owner | | | +----------+ ^ | (B) +----|-----+ Client Identifier +---------------+ | -+----(A)-- & Redirection URI --->| | | User- | | Authorization | | Agent -|----(B)-- User authenticates -->| Server | | | | | | |<---(c)--- redirection="" uri="">---(c)---><| |="" |="" |="" with="" access="" token="" +---------------+="" |="" |="" in="" fragment="" |="" |="" +---------------+="" |="" |----(d)---="" redirection="" uri="" ----="">| Web-Hosted | | | without Fragment | Client | | | | Resource | | (F) |<---(e)------- script="">---(e)-------><| |="" |="" |="" +---------------+="" +-|--------+="" |="" |="" (a)="" (g)="" access="" token="" |="" |="" ^="" v="" +---------+="" |="" |="" |="" client="" |="" |="" |="">|>|>
请查看API接口文档
为了方便开发者试用,在开放平台官网也可以手动获取accessToken:开发者服务-我的应用-应用秘钥
联系客服