Last updated: 2021-01-25 14:36:36

    Algorithm Description

    Access URL format

    Algorithm description

    • timestamp: A timestamp in the format of YYYYMMDDHHMM.
    • md5hash: MD5 (custom key + timestamp + file path).

    Sample request


    When the MD5 value is calculated, if the request path is, then the path used for MD5 calculation will be /test.jpg.

    Configuration Guide

    Parameter description

    TypeB requires the following configurations:

    Custom Authentication Key: it can contain 6 to 40 digits, uppercase and lowercase letters. It should be kept private and disclosed to only the client and server.
    Custom Validity Period: the timestamp value in the request path plus the configured validity period is compared with the current time to determine whether the request has expired; if so, a 403 error will be directly returned.


    After configuring the key, parameter name, and validity period, you can specify the authentication object as needed. The following three authentication modes are supported:

    • All files under a specified domain name need to be authenticated.
    • All files except those of a specified type need to be authenticated.
    • Only files of a specified type need to be authenticated.


    Cache hit rate
    If you have enabled TypeB authentication for a domain name, the signature and timestamp will be carried in the access URL path. When a CDN node caches a resource, it will automatically ignore the fields in the path and thus not affect the cache hit rate.
    Origin-pull policy
    The access format of a domain name with TypeB authentication mode enabled is as follows:

    If no hits are found on the CDN node after successful authentication, the node will initiate an origin-pull request, in which the md5hash and timestamp will be removed from the path. The origin server does not require any configuration.