Skip to content

API Authorization

Access Token

To ensure the security of API calls, HENGSHI API adopts the highest security interaction model in OAuth2: Access Token.

How secure is the Access Token:

  • First, the Client ID and Client Secret required to apply for the Token must be issued by a user with the system administrator role.

  • Second, the Token has a validity period, which is 12 hours.

  • Additionally, if a leak is discovered, the Token can be revoked immediately.

Operation Steps

Open the Settings->Security Management->API Authorization page to perform CRUD operations on API authorization.

Create Client ID and Client Secret

Select Add Authorization, enter the authorization name in the popup, and click Confirm to generate the Client ID and Client Secret.

Check Enable Sudo to allow users to call this user's API as any user within the system.

Select an API authorization, and copy buttons will appear next to clientID and clientSecret. Click to obtain the required clientID and clientSecret.

Get Access Token

See Get Token

User Manual for Hengshi Analysis Platform