Authentication Method

Last Updated on : 2023-12-07 03:02:50download

This topic describes how to verify the signature in an API request that is issued by a third-party cloud service. It also describes how to assign a token to the third-party cloud service that passes the authentication. The Cloud Development Platform API follows the standard of the OAuth 2.0 authentication protocol and uses an implicit authentication method.

Procedure

To authorize a third-party cloud service that issues an API request, perform the following steps:

  1. Convert the values of client_id and secret into a signature and verify the signature.

    Note: For more information about how to generate a signature, see Sign Requests. For more information about client_id and secret, see View project details.

  2. The Tuya Cloud returns a token to the third-party cloud service after the authentication is passed.
    Authentication Method

Permissions

The Cloud Development Platform grants developer permissions to the third-party cloud service. This allows you to manage only resources on which developers have permissions. For example, the following data can be managed:

  • Application user data for developers
  • Device data for developer products
  • Data of the devices that are associated with developer application accounts