Simple Mode Access

Tuya Open Platform Access Guide

Simple Mode

The caller uses the client_id, secret signature provided by Tuya to call the /v1.0/token interface to exchange token in the server. Application scenario such as: factory calls cloud api over the cloud to obtain device, user data, etc.

client_id application process

  • Register a developer account

云API授权

  • Apply to open a cloud API license

云API授权

  • Get accessId & accessKey (equivalent to client_id & secret)

云API授权

Authorization process

Screenshot

  • (A)Developers use cloud API clientId and secret for signature authentication.
  • (B)Doodle cloud issues tokens to third-party clouds.

Environment Description

China   https://openapi.tuyacn.com
America https://openapi.tuyaus.com
Europe https://openapi.tuyaeu.com

The user of each interface should call the corresponding interface according to its own located area.

Request Method

  • Supported request methods are as follows:
    • GET
    • PUT
    • POST
    • DELETE

Note: When the request method is POST, content_type needs to use application/json

Return Results

Unified return to json. General format is as follows:

Normal return of business:

{

"success": true,
"result": {
//object
}

}

Erroneous return of business:

{

"success": false,
"code": 100323,
"msg": "token illegal"

}

sign method

TuyaCloud provide two sign algorithm based on different scenario:

  • before get token:sign = HMAC-SHA256(client_id + t, secret).toUpperCase()
  • after get token:sign = HMAC-SHA256(client_id + access_token + t, secret).toUpperCase()

OAuth2 Interface Description

Signature (sign)

The signature generation rule for obtaining token is as follows:

sign = HMAC-SHA256(client_id + t, secret).toUpperCase()

Uses standard HMAC-SHA256 algorithm. Converts to upper case after generation.

Note that for a request URL, its validity period is 5 minutes.

Request Header Settings

To obtain the interface of the token, the following parameters must be added in header:

Parameter name Type Parameter position Description Required
client_id String header client_id Yes
sign String header Signature calculated by token interface signature algorithm Yes
sign_method String header Digestion algorithm of signature, HMAC-SHA256 Yes
t Long header 13-digit standard time stamp Yes

Business Interface Description

Signature (sign)

The business-related interface signature generation rules are as follows:

sign = HMAC-SHA256(client_id + access_token + t, secret).toUpperCase()

Uses standard HMAC-SHA256 algorithm. Converts to upper case after generation.

Request Header Settings

Business interface must add the following parameters in header:

Parameter name Type Parameter position Description Required
client_id String header client_id Yes
access_token String header Token obtained through the above authorization Yes
sign String header Signature calculated by business interface signature algorithm Yes
sign_method String header Digestion algorithm of signature, HMAC-SHA256 Yes
t Long header 13-digit standard time stamp Yes

400 Call

Consult

400-881-8611