Authentication Method D

Last updated: 2025-08-05 17:40:59

Authentication Method D

Last updated: 2025-08-05 17:40:59

Authentication URL format
http://Hostname/Filename?token=md5hash&t=timestamp
https://Hostname/Filename?token=md5hash&t=timestamp
Parameter description
Field
Description
Hostname
Site Acceleration Domain.
Path
Resource access path, authentication requires prefixing with /.
token
Authentication parameters name set by Definition.
t
Timestamp parameter name set by Definition
timestamp
Timestamp parameter. 
Format: Decimal positive integer Unix timestamp, is the total number of seconds from UTC time January 1, 1970, 00:00:00 to the present, its Definition is independent of the timezone; or Hexadecimal positive integer Unix timestamp, is the total number of seconds from UTC time January 1, 1970, 00:00:00 to the present, its Definition is independent of the timezone.
md5hash
A fixed-length string of 32 characters calculated using the MD5 algorithm:
Algorithm: MD5(Key + Path + timestamp). Note: When calculating, the hexadecimal timestamp must exclude the hexadecimal number identification 0x.
Authentication Logic: If the request is not expired, the node compares this string value with the md5hash value carried in the request URL. If the values are the same, authentication passes and the request is responded to; if the values are different, authentication fails, returning 403.
Configuration Samples
Assume the request https://www.example.com/foo.jpg uses authentication method D, configured as follows:
﻿
Get authentication parameters:
Path:/foo.jpg.
timestamp: The server generates the authentication URL time as July 15, 2024, 15:51:47 (UTC+8), converted to decimal (Unix timestamp) format is 1721029907.
Key: DvYmqE81E1F9R791H6lmht.
md5hash: MD5(Key + Path + timestamp) = MD5(DvYmqE81E1F9R791H6lmht/foo.jpg1721029907) = cadcec4a04e67b9c2abf4b61c642a0dd.  
Authentication URL generated by the client request
https://www.example.com/foo.jpg?token=cadcec4a04e67b9c2abf4b61c642a0dd&t=1721029907.
Node Authentication
When the Node Server receives a request from the client via the encrypted URL, it extracts the timestamp parameter from the URL, adds the configured Effective duration of "1 second", and compares it to the current time:
1. exceed the "timestamp + effective duration" time, the request is not expired, continue to step 2.
2. The Node Server calculates the md5hash value using the obtained authentication parameters and compares it with the md5hash value carried in the request URL. If the values are the same, authentication passes and the request is responded to; if the values are different, authentication fails, returning 403.
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

Field	Description
Hostname	Site Acceleration Domain.
Path	Resource access path, authentication requires prefixing with `/`.
token	Authentication parameters name set by Definition.
t	Timestamp parameter name set by Definition
timestamp	Timestamp parameter. Format: Decimal positive integer Unix timestamp, is the total number of seconds from UTC time January 1, 1970, 00:00:00 to the present, its Definition is independent of the timezone; or Hexadecimal positive integer Unix timestamp, is the total number of seconds from UTC time January 1, 1970, 00:00:00 to the present, its Definition is independent of the timezone.
md5hash	A fixed-length string of 32 characters calculated using the MD5 algorithm: Algorithm: MD5(Key + Path + timestamp). Note: When calculating, the hexadecimal timestamp must exclude the hexadecimal number identification 0x. Authentication Logic: If the request is not expired, the node compares this string value with the `md5hash` value carried in the request URL. If the values are the same, authentication passes and the request is responded to; if the values are different, authentication fails, returning 403.

tencent cloud

Authentication URL format

Parameter description

Configuration Samples

Get authentication parameters:

Authentication URL generated by the client request

Node Authentication