For more information about the code, see Server-Side Demo.


  • Install Java environment.
  • Install Maven environment.
  • Download IDEA.


graph LR; A[Create Spring Boot Project] --> B[Import and Scan SDK] --> C[Configure Developer Information] --> D[Develop APIs] --> E[Test APIs]

Create a Spring Boot project

Spring Boot

Import and scan SDK

Import SDK

sdf-starter current version : 1.3.0-developer-SNAPSHOT


Scan interceptor in the SDK

In, add the package sdf-starter to the scan directory. Add the required interceptor to the request interceptor.


When you add scanBasePackages, make sure to add com.tuya.sdf.starter and the package path of your applications.

package com.tuya.isv.demo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication(scanBasePackages = {"com.tuya.sdf.starter","com.tuya.isv.demo"})
public class IsvDemoApplication {
public static void main(String[] args) {, args);


Configure developer information

Get the credentials

Copy the App Key and Secret Key from the SaaS No-Code Platform.

  1. Log in to the SaaS No-Code Platform.

  2. Choose My Applications. Click View Development Credentials.


  3. Copy the credentials for use.


Configure the credentials


Develop APIs

Develop APIs

Sample code

public class DeviceController {
// Inject Bean for cloud-to-cloud integration.
DeviceAbility deviceAbility;
public JSONObject hello() {
// Get information about the user of the current request.
SdfUser user = SdfContextHolder.getUser();
// Get information about the SaaS of the current request.
SdfSaas sdfSaas = SdfContextHolder.getSdfSaas();
// Call the cloud APIs using the cloud-to-cloud integration SDK to get the instruction set by product category.
JSONObject result = deviceAbility.queryDeviceFunctions("dj");
return result;

Develop cloud-to-cloud integration capabilities

Sample code

public interface DeviceAbility {
JSONObject queryDeviceFunctions(@Path("category") String category);

Test APIs

Test Postman APIs

x-sdf-auth is the JWT parameter. For more information, see JWT Features.

Generate a JWT and start testing.


JWT decoding interceptor

The interceptor path: com.tuya.sdf.starter.interceptor.SdfContextInterceptor.

Hot to implement the interceptor:

  1. Get the JWT in the request header [x-sdf-auth].
  2. Use developer.code and developer.key to decode JWT. Get and set the SaaS and user information of the current request.
  3. Set the access key and secret key used to call Tuya cloud APIs through the tuya-connector.
public class SdfContextInterceptor implements HandlerInterceptor {
private static final String JWT_HEADER = "x-sdf-auth";
private static final ObjectMapper objectMapper = new ObjectMapper();
private Configuration configuration;
private String developerCode;
private String developerKey;
private SdfCrypt sdfCrypt;
public void init() {
sdfCrypt = new SdfCrypt(developerCode, developerKey);
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
try {
String header = request.getHeader(JWT_HEADER);
if (StringUtils.isBlank(header)) {
log.warn("header:[" + JWT_HEADER + "] is null");
return true;
Jws<Claims> jws = Jwts.parserBuilder()
Object userObj = jws.getBody().get("user");
Object saasObj = jws.getBody().get("saas");
if (Objects.isNull(userObj) || Objects.isNull(saasObj)) {
log.error("header token user and saas can't null");
throw new SdfException(HEADER_TOKEN_ERROR);
String userStr = objectMapper.writeValueAsString(userObj);
SdfUser sdfUser = objectMapper.readValue(userStr, SdfUser.class);
String saasStr = objectMapper.writeValueAsString(saasObj);
SdfContextHolder.setSdfSaas(objectMapper.readValue(saasStr, SdfSaas.class));
String clientId = sdfCrypt.decrypt(SdfContextHolder.getSdfSaas().getClientId());
String secretKey = sdfCrypt.decrypt(SdfContextHolder.getSdfSaas().getSecretKey());
} catch (SignatureException e) {
log.error("header jwt signature error", e);
throw new SdfException(HEADER_TOKEN_ERROR);
} catch (Exception e) {
log.error("jwt parser error", e);
throw new SdfException(HEADER_TOKEN_ERROR);
return true;

Use utility class to generate JWT

Write unit testing

Call the method SdfDeveloperUtil.generateJwtHeader() to generate JSON Web Token (JWT) for backend API debugging.

Sample code

class IsvDemoApplicationTests {
void contextLoads() {
private String developerCode;
private String developerKey;
void jwtTest() {
// Set user objects.
SdfUser sdfUser = new SdfUser();
// Set SaaS objects.
SdfSaas sdfSaas = new SdfSaas();
String u = JSON.toJSONString(sdfUser);
String s = JSON.toJSONString(sdfSaas);
// Generate JWT.
System.out.println(SdfDeveloperUtil.generateJwtHeader(developerCode, developerKey, sdfUser, sdfSaas));