All Products
Search
Document Center

ApsaraMQ for MQTT:ApplyToken

Last Updated:Aug 22, 2024

Applies for a token from ApsaraMQ for MQTT. If token-based authentication is used for permission authentication on an ApsaraMQ for MQTT broker, a token that is issued by the broker is required for authentication each time a client is connected to the broker.

Operation description

  • You can call this operation up to 100 times per second per account. If you want to increase the limit, join the DingTalk group 35228338 to contact ApsaraMQ for MQTT technical support.
  • Each successful call to the ApplyToken operation increases the messaging transactions per second (TPS) by one. This affects the billing of your instance. For more information, see Billing rules.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
ResourcesstringYes

The topics on the ApsaraMQ for MQTT instance. Separate multiple topics with commas (,). Each token can be used to access up to 100 topics. Multiple topics are sorted in alphabetic order. MQTT wildcards, including single-level wildcards represented by plus signs (+) and multi-level wildcards represented by number signs (#), can be used for the Resources parameter that you register to apply for a token.

For example, if you set the Resources parameter to Topic1/+ when you apply for a token, the ApsaraMQ for MQTT client can manage the topics in Topic1/xxx. If you set the Resources parameter to Topic1/# when you apply for a token, the ApsaraMQ for MQTT client can manage topics of any level in Topic1/xxx/xxx/xxx.

Note ApsaraMQ for MQTT supports subtopics. You can specify subtopics in the code for messaging instead of configuring them in the ApsaraMQ for MQTT console. Forward slashes (/) are used to separate topics of different levels. For more information, see Terms .
TopicA/+
InstanceIdstringYes

The ID of the ApsaraMQ for MQTT instance. The ID must be consistent with the ID of the instance that the ApsaraMQ for MQTT client uses. You can obtain the instance ID on the Instance Details page that corresponds to the instance in the ApsaraMQ for MQTT console.

post-cn-0pp12gl****
ExpireTimelongYes

The timestamp that indicates the point in time when the token expires. Unit: milliseconds. The minimum validity period of a token is 60 seconds, and the maximum validity period of a token is 30 days. If you specify a validity period of more than 30 days for a token, no errors are returned. However, the token is valid only for 30 days.

For example, you want to specify a validity period of 60 seconds for a token. If the current system timestamp is 1609434061000, you must set this parameter to 1609434121000. The value is calculated by using the following formula: 1609434061000 + 60 x 1000 = 1609434121000.

1609434121000
ActionsstringYes

The permission type of the token. Valid values:

  • R: read-only. You can only subscribe to the specified topics.
  • W: write-only. You can only send messages to the specified topics.
  • R,W: read and write. You can send messages to and subscribe to the specified topics. Separate R and W with a comma (,).
R
Note For information about other parameters, see Common parameters and Endpoints .

Response parameters

ParameterTypeDescriptionExample
object
Tokenstring

The token that is returned by the ApsaraMQ for MQTT broker.

Note Do not assume the length, format, or rule of the token to return. The actual returned token shall prevail.
LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng==
RequestIdstring

The request ID. This parameter is a common parameter.

31782AAF-D0CC-44C3-ABFD-1B500276****

Examples

Sample success responses

JSONformat

{
  "Token": "LzMT+XLFl5s/YWJ/MlDz4t/Lq5HC1iGU1P28HAMaxYxn8aQbALNtml7QZKl9L9kPe6LqUb95tEVo+zUqOogs9+jZwDUSzsd4X4qaD3n2TrBEuMOqKkk1Xdrvu9VBQQvIYbz7MJWZDYC3DlW7gLEr33Cuj54iIhagtBi3epStJitsssWs7otY9zhKOSZxhr49G3d0bh35mwyP18EMvDas8UlzeSozsSrujNUqZXOGK0PEBSd+rWMGDJlCt6GFmJgm2JFY7PJwf/7OOSmUYIYFs5o/PuPpoTMF+hcVXMs+0yDukIMTOzG9m3t8k36PVrghFmnK6pC3Rt3mibjW****ng==",
  "RequestId": "31782AAF-D0CC-44C3-ABFD-1B500276****"
}

Error codes

HTTP status codeError codeError message
400ApplyTokenOverFlowYou have applied for tokens too many times. Please try again later.
400CheckAccountInfoFailedAn error occurred while checking the account information by the STS token.
400InstancePermissionCheckFailedAn error occurred while validating the permissions of the instance. Please verify the account that created the instance and its permissions settings.
400ParameterCheckFailedAn error occurred while validating the parameters. The parameters may be missing or invalid.
400PermissionCheckFailedAn error occurred while validating the resource permissions. Please check the account that created the instance, topic, and GroupId, and check their permission settings.
400InvalidParameter.%sAn error occurred while validating the parameter. The parameter may be missing or invalid.
404ApiNotSupportThe specified API is not supported.
500InternalErrorAn error occurred while processing your request. Try again later.
500SystemOverFlowAn error occurred while processing your request. Please try again.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
No change history