Quick Start
Last Updated on : 2025-05-30 01:56:03download
This topic describes how to use the Business Platform to control smart devices.
Procedure
Learn how to use the Cloud Development Platform in two steps. The procedure is as follows.
Step 1: Create projects
A project is a collection of resources on the IoT Platform. Resources deployed by different cloud development projects are isolated from each other.
Note: For more information about the project management, see Manage Project.
Step 2: Entry of Developers
This module is under development. Currently, developers can submit their accounts (mobile numbers or email addresses registered with the Tuya IoT platform), enterprise names, industry domains (Optional. Default values can be used.) to the technical support center of the Tuya Intelligent Business Platform for generating entry information.
Access process
API Specifications
Header Parameters
You need to add the following parameters to the header for any APIs.
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
| client_id | String | Yes | Client ID provided by the Tuya Intelligent Business Platform. |
| sign | String | Yes | Signature calculated based on a specified signature algorithm. |
| sign_method | String | Yes | Digest algorithm of a signature, which is always set to HMAC-SHA256. |
| t | Long | Yes | 13-digit standard timestamp. |
| access_token | String | No | Access token, required for business APIs but not for token APIs. |
| lang | String | No | Language, which is set to Chinese by default (zh: Chinese; En: English; ja: Japanese; ko: Korean). |
Sign Requests
When you call an API operation of the Cloud Development Platform, you must provide a signature to verify your identity. This topic describes how to generate a signature in a call.
Signature Algorithms
Tuya Smart uses HMAC-SHA256 to create a message digest. Different signature algorithms are used in the following types of API operations: token management operations and service management operations.
Signature algorithm for token management operations
- Scope of application: operations that are used to get or refresh tokens.
- Signature algorithm: sign = HMAC-SHA256(client_id + t, secret).toUpperCase()
- Procedure to sign a request:
- Concatenate the value of client_id and the 13-digit standard timestamp of the specified request to create a string.
- Create a hash digest value based on the string and the value of the secret. Encode the hash digest value into a new string.
- Capitalize all letters of the new string.
Signature algorithm for service management operations
- Scope of application: operations that are used to manage services rather than tokens.
- Signature algorithm: sign = HMAC-SHA256(client_id + access_token + t, secret).toUpperCase()
- Procedure to sign a request:
- Concatenate the value of client_id, access_token, and the 13-digit standard timestamp of the specified request to create a string.
- Create a hash digest value based on the string and the value of secret. Encode the hash digest value into a new string.
- Capitalize all letters of the new string.
Signature examples
Parameters
| Parameter | Value |
|---|---|
| client_id | 1KAD46OrT9HafiKdsXeg |
| secret | 4OHBOnWOqaEC1mWXOpVL3yV50s0qGSRC |
| t | 1588925778000 |
| access_token | 3f4eda2bdec17232f67c0b188af3eec1 |
Signature algorithm for token management operations
- Create a string-to-sign.
1KAD46OrT9HafiKdsXeg1588925778000 - Create a hash digest value based on the string and the value of secret. Encode the hash digest value into a new string.
- Hash digest value: HMAC-SHA256(1KAD46OrT9HafiKdsXeg1588925778000,4OHBOnWOqaEC1mWXOpVL3yV50s0qGSRC)
- New string: ceaafb5ccdc2f723a9fd3e91d3d2238ee0dd9a6d7c3c365deb50fc2af277aa83
- Capitalize all letters of the new string.
CEAAFB5CCDC2F723A9FD3E91D3D2238EE0DD9A6D7C3C365DEB50FC2AF277AA83
Signature algorithm for service management operations
- Create a string-to-sign.1KAD46OrT9HafiKdsXeg3f4eda2bdec17232f67c0b188af3eec11588925778000
- Create a hash digest value based on the string and the value of secret. Encode the hash digest value into a new string.
- Hash digest value: HMAC-SHA256(1KAD46OrT9HafiKdsXeg3f4eda2bdec17232f67c0b188af3eec11588925778000,4OHBOnWOqaEC1mWXOpVL3yV50s0qGSRC)
- New string: 36c30e300f226b68add014dd1ef56a81edb7b7a817840485769b9d6c96d0faa1
- Capitalize all letters of the new string.
36C30E300F226B68ADD014DD1EF56A81EDB7B7A817840485769B9D6C96D0FAA1
Implement the HMAC SHA256 authentication scheme
Javascript
/**
Run the code online with this jsfiddle. Dependent upon an open source js library calledhttp://code.google.com/p/crypto-js/.
**/
<script src="http://crypto-js.googlecode.com/svn/tags/3.0.2/build/rollups/hmac-sha256.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.0.2/build/components/enc-base64-min.js"></script>
<script>
var hash = CryptoJS.HmacSHA256("Message", "secret");
var hashInBase64 = hash.toString().toUpperCase();
document.write(hashInBase64);
</script>
PHP
/**
PHP has built in methods for hash_hmac (PHP 5) and base64_encode (PHP 4, PHP 5) resulting in no outside dependencies. Say what you want about PHP but they have the cleanest code for this example.
**/
$s = strtoupper(hash_hmac("sha256", "Message", 'secret'));
echo var_dump($s);
Java
/**
Dependent on Apache Commons Codec to encode in base64.
**/
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
public class ApiSecurityExample {
public static void main(String[] args) {
try {
String secret = "secret";
String message = "Message";
Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes(), "HmacSHA256");
sha256_HMAC.init(secret_key);
byte[] bytes = sha256_HMAC.doFinal(message.getBytes());
String hash = new HexBinaryAdapter().marshal(bytes).toUpperCase();
System.out.println(hash);
}
catch (Exception e){
System.out.println("Error");
}
}
}
C#
using System;
using System.Security.Cryptography;
namespace Test
{
public class MyHmac
{
public static string Encrypt(string message, string secret)
{
secret = secret ?? "";
var encoding = new System.Text.UTF8Encoding();
byte[] keyByte = encoding.GetBytes(secret);
byte[] messageBytes = encoding.GetBytes(message);
using (var hmacsha256 = new HMACSHA256(keyByte))
{
byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
StringBuilder builder = new StringBuilder();
for (int i = 0; i < hashmessage.Length; i++)
{
builder.Append(hashmessage[i].ToString("x2"));
}
return builder.ToString().ToUpper();
}
}
}
}
Error Codes
Global Error Codes
| Error Code | Error Message | Description |
|---|---|---|
| 500 | system error,please contact the admin | System error. Contact the administrator for help. |
| 1000 | data not exist | The data does not exist. |
| 1001 | secret invalid | The key is invalid. |
| 1002 | access_token is null | The access token is null. |
| 1003 | grant type invalid | The grant type is invalid. |
| 1004 | sign invalid | The signature is invalid. |
| 1005 | Appkey invalid | The app key is invalid. |
| 1006 | not support content type | The content type is not supported. |
| 1007 | not support Appkey | The app key is not supported. Use the cloud key instead. |
| 1010 | token is expired | The token has expired. |
| 1011 | token invalid | The token is invalid. |
| 1012 | token status is invalid | The token status is invalid. |
| 1013 | request time is invalid | The request time is invalid. |
| 1100 | params is empty | The parameter is empty. |
| 1101 | params range invalid | The parameter range is invalid. |
| 1102 | params is null | The parameter is null. |
| 1105 | missing the header | The header is missing. |
| 1106 | permission deny | The permission is invalid. |
| 1108 | uri path invalid | The API address is invalid. |
Business Error Codes
| Error Code | Description |
|---|---|
| 10100500 | Internal error. |
| 10100501 | Operation failed. |
| 10101100 | The parameter is empty. |
| 10101106 | You are not authorized to perform this operation. |
| 10101105 | Parameter body exception. |
| 10101107 | The network is busy. Try again later. |
| 10101202 | The device does not exist. |
| 10101401 | The room does not exist. |
| 10101403 | The room number already exists. |
| 10101660 | The user does not exist. |
| 10102700 | The partner has been bound to the service provider. |
| 10102701 | No authorization relationship exists between the partner and the service provider. |
| 10102703 | The partner has not authorized the project. |
| 10102711 | One or more of the service provider’s construction or maintenance work orders have not been completed. You can unbind the service provider only after the work orders are completed. |
| 10102712 | The partnership supports authorization revocation. |
| 10102713 | The constructor does not exist. |
| 10102901 | The geographic location does not exist. |
| 10102902 | Operation failed. The number of projects has reached the upper limit. |
| 10102903 | The project already exists. |
| 10102904 | The project does not exist. |
| 10102905 | Operation failed. The project has associated rooms. |
| 10102906 | Operation failed. The number of rooms has reached the upper limit. |
| 10102907 | The product does not exist. |
| 10102908 | Operation failed. You are not the owner of the project. |
| 10102909 | Mandatory parameters missing, including those specifying the category and quantity of Wi-Fi or Zigbee devices. |
| 10102910 | Invalid construction status. |
| 10102911 | Invalid maintenance status. |
| 10101812 | The work order does not exist. |
| 10101813 | The construction category does not exist. |
| 10101814 | The device is offline. |
Is this page helpful?
YesFeedbackIs this page helpful?
YesFeedbackMarketing Cooperation
Business Cooperation
Customer Service
Media Inquiry
