Authentication Methods

Access Token

  • To enhance the security of calling OrionStar Robot OpenAPI (hereinafter referred to as API), OrionStar uses the access token authentication mechanism to authenticate the identity of the caller. For information on how to obtain access_token, please refer to Obtaining access_token;
  • When you call the API, pass the access_token to OrionStar. OrionStar can then identify your identity and permissions, thereby protecting the security of customer data. For information on how to pass the access_token, please refer to Using access_token;
  • OrionStar recommends that you read this document before calling the API to fully understand the access_token authentication mechanism;

Obtaining access_token

  • access_token is a string with a length of up to 2048 bytes. Please reserve at least 2048 bytes when caching access_token;
  • Please reuse the obtained access_token within its validity period. Do not repeatedly obtain access_token within its validity period;

Using access_token

  • You need to pass the access_token to the Authorization request header of HTTP when calling the API, and you need to add the prefix Bearer<space> in front;

Header Example

  • Assuming access_token=T.WcnhSdYj-kwVBpP27LRQrw.ori-67facfd90b2744220a5eae850e51, the required header is:
    • Authorization: Bearer T.WcnhSdYj-kwVBpP27LRQrw.ori-67facfd90b2744220a5eae850e51

cURL Example

curl --header 'Authorization: Bearer T.WcnhSdYj-kwVBpP27LRQrw.ori-67facfd90b2744220a5eae850e51' \
     --location 'https://global-openapi.orionstar.com/v1/robot/robot_info?robot_sn=test_sn'
  • Last modified: 2024-04-09 20:51 +0800