GetFederationToken

Last updated: 2021-03-24 17:17:21

    1. API Description

    Domain name for API request: sts.tencentcloudapi.com.

    This API is used to get temporary credentials for a federated user.

    A maximum of 600 requests can be initiated per second for this API.

    Note: This API supports Finance regions. If the common parameter Region is a Finance region, a domain name with the Finance region needs to be specified, for example: sts.ap-shanghai-fsi.tencentcloudapi.com

    We recommend you to use API Explorer
    Try it
    API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

    2. Input Parameters

    The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

    Parameter Name Required Type Description
    Action Yes String Common parameter. The value used for this API: GetFederationToken.
    Version Yes String Common parameter. The value used for this API: 2018-08-13.
    Region Yes String Common parameter. For more information, please see the list of regions supported by the product. This API only supports: ap-bangkok, ap-beijing, ap-chengdu, ap-chongqing, ap-guangzhou, ap-guangzhou-open, ap-hangzhou-ec, ap-hongkong, ap-jinan-ec, ap-mumbai, ap-nanjing, ap-qingyuan, ap-seoul, ap-shanghai, ap-shanghai-fsi, ap-shenzhen-fsi, ap-singapore, ap-tokyo, eu-frankfurt, eu-moscow, na-ashburn, na-siliconvalley, na-toronto
    Name Yes String The customizable name of the caller, consisting of letters
    Policy Yes String Policy description
    Note:
    1. The policy needs to be URL-encoded (if you request a TencentCloud API through the GET method, all parameters must be URL-encoded again in accordance with Signature v3 before the request is sent).
    2. For the policy syntax, please see CAM’s Syntax Logic.
    3. The policy cannot contain the principal element.
    DurationSeconds No Integer Specifies the validity period of credentials in seconds. Default value: 1800. Maximum value: 7200

    3. Output Parameters

    Parameter Name Type Description
    Credentials Credentials Temporary credentials
    ExpiredTime Integer Temporary credentials expiration time. A Unix timestamp will be returned which is accurate to the second
    Expiration String Credentials expiration time in UTC time in ISO 8601 format.
    Note: this field may return null, indicating that no valid values can be obtained.
    RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

    4. Example

    Example1 Getting temporary credentials

    This example shows you how to grant temporary credentials with the following permissions:
    {"version":"2.0","statement":[{"effect":"allow","action":["name/cos:PutObject"],"resource":["qcs::cos:ap-beijing:uid/123456:prefix//123456/bucketA/*"]}]}

    Note: As the GET request url-encodes all parameters, the Policy parameter in the following example has been url-encoded twice.

    Input Example

    https://sts.tencentcloudapi.com/?Action=GetFederationToken
    &Name=SUN
    &Policy=%7b%22version%22%3a%222.0%22%2c%22statement%22%3a%5b%7b%22action%22%3a%5b%22name%2fqcisa%3aGetInfoByFields%22%5d%2c%22resource%22%3a%5b%22qcs%3a%3aqcisa%3a%3auin%2f90000000000%3aqcisa%2fbigCustomerDetail%22%2c%22qcs%3a%3aqcisa%3a%3auin%2f90000000000%3aqcisa%2fuserDetail%22%2c%22qcs%3a%3aqcisa%3a%3auin%2f90000000000%3aqcisa%2fauthDetail%22%5d%2c%22effect%22%3a%22allow%22%7d%5d%7d
    &<Common request parameters>
    

    Output Example

    {
      "Response": {
        "Credentials": {
          "Token": "kTRtHpOSOCUzTVWmzlPKweHffXjT9Izo7b61a142d6b56d31c0a7ace4d22bcff3zpbsXKTIrCo43dRRh7bDIKE1ZOE1KRYHEm0KNLjWG_aSF63YoQWchg-l7eXMInxXIc65HqXPjnouCcnQC98J8wEXGfE-X74QQ4kqdZXvvtgJ4yNUyDFRRkgdWtroOk0zQu4Y-h2N6pQU0FyMLSExd3UwGXpNe-CwqgNw9LTMDdz7LwsiQ9QgVCYSBdGaZXH_kOOfbAQFEDzW_8LId2mJG7DNPQMfpvc8pU_uNi0CZuQr686kYm3pLFg09UNHvB5ddn1m5SOBQRfLCK5Esdk4reSu5xw-KdZjJH2U0nZvXPU0JFrRNni1ouUdZiMpXKeZvxiooPMXtyOa_6ZTcdxjOMJfNx6pBOMWnBBJ9ShMV3S6t6AV3QSvCyvwH7dFQBXT9FPY8KK4uqRW168Q2kVt5dDdWqbRHbNg2ofhnUyHRMgYgKhtPFEAj4pJlorgWpyWtGMCGdCqnQkZ-gPOHEG0alJwveCB7CGU-K06cIGA2tZWWVr7wQRF6PrN5hWXnGI-M3hfEy1KX0degBEsjOMD4ORq2OOFvRiROln03wtBwSFCc0IhpYxCiHTsb3IAz69aU8_KEScc3ARNha5wk5L7XmyOaq9PXV5gcmV9Tw4-uO6DFwkgNPWhEyEkNYa8odPaJdrB7y8MVD_XAG92yjd5nuen7TRLCbS_0n2TbaKBZik4B_Pgxxh2QtzHfsqYdPRCzXACvhaIvnRO176cK0cgo4YKe_lTU-eqXuuoy-pqDEY2R_5ERV_UmLts89TgWVFPSGRJTQHFmLQ8RuGugenUP063kE_vAgtu0JWYn09sm1cjzJcG6E1ZJgJEWhB3LsUuhLuYn3HtwK6R65e4c3D0YKYiTzFdv3jK9aGlowL56Gfujkf2k5jX01JOltIFxotyKO2nBAD2to-7ExwvhhbTbBW-P5WpvoSqC86hdBxzAKgdJV-AHG0wKu8kHjO9w0DvT8IufPp8TbdcqFSUFhkEO5xXX4doDsjrSzW3qjnxQ6pDqkYW_kd41U-UwYbdNBoc0jsEtDCwW5UV2l2E6I0zFdML-68lUN3y0vrnaySxLxPt44t8BZDSoMpPgVyxEonyD6zarPWsFLvZGOwsCI4thDZ6jvud0KIpbQn0a0jDUsLhA24myxLjFpYbFPK5jqEDL8l5vHrJkvUOvUM4sM7e78FHx_7cIMw0upCBfuIMUd228Rfsz0JlBrIGrfOFg1iNVJ5A7Q1RH0zWR27jbmzr7a3c-g0_Fw9I8Bb3GdFD1vRhPpvARKXJHFHNSaausuwUu2_yHyvlMpXPUg3i9YVkQxO1aeEE6aH5RZSVKkqbt3ysxxv4OkhUaEuERQy-AEIuiu10Y79EbvjA6GQ0cotsl-gS5FIy54DbcEz5QEQ2gUtMa_IZjyLVPVAVvY8aqj3L2M9_xBIrV_nZ3BGFrn5FfkXUmImzl0kya6Mx_RwvVya7_triXDXTlUPM-JnMrjDkVP_bQNS2EU-61J8ibqj9Yvt4MoO8xojTbQKg9z_xN6jxRuoHeGslrQNSDtKu8uCWKMZNs78PPDmSrEkdwNOPENLPtfy_si32HV7jr3NxEHpyEin0sYOwKuUxJ9XovRVnw_-x9vQy7Duaqb4Ej0pGgvwB-B0WpVO80cFz-131ee7CkYNpqjJljRBUNdvmYHd_QYKQU1WwD8xXrRIQ7d4RsXbzOutl5yb2MxGcpLC5qS62cG6b1XeLSO5h1ZtsFte69kwwTk_fr4zHgqUxrMXjPMRKXKIWFoKGl