Tuya Open Platform Access Guide

Simple Mode

The caller uses the client_id, secret signature provided by Tuya to call the /v1.0/token interface to exchange token in the server. Application scenario such as: factory calls cloud api over the cloud to obtain device, user data, etc.

client_id application process

Register a developer account
云API授权
Apply to open a cloud API license
云API授权
Get accessId & accessKey (equivalent to client_id & secret)
云API授权

Authorization process

Screenshot
(A)Developers use cloud API clientId and secret for signature authentication. (B)Doodle cloud issues tokens to third-party clouds.

Environment Description

  China   https://openapi.tuyacn.com
  America https://openapi.tuyacn.com
  Europe  https://openapi.tuyaeu.com
The user of each interface should call the corresponding interface according to its own located area.

Request Method

Supported request methods are as follows:
Note: When the request method is POST, content_type needs to use application/json

Return Results

Unified return to json. General format is as follows:
Normal return of business:
{

    "success": true,
    "result": {
        //object
    }

}
Erroneous return of business:
{

    "success": false,
    "code": 100323,
    "msg": "token illegal"

}

sign method

TuyaCloud provide two sign algorithm based on different scenario: before get token:sign = HMAC-SHA256(client_id + t, secret).toUpperCase() after get token:sign = HMAC-SHA256(client_id + access_token + t, secret).toUpperCase()

OAuth2 Interface Description

Signature (sign)

The signature generation rule for obtaining token is as follows:
sign = HMAC-SHA256(client_id + t, secret).toUpperCase()
Uses standard HMAC-SHA256 algorithm. Converts to upper case after generation.
Note that for a request URL, its validity period is 5 minutes.

Request Header Settings

To obtain the interface of the token, the following parameters must be added in header:
Parameter name Type Parameter position Description Required
client_id String header client_id Yes
sign String header Signature calculated by token interface signature algorithm Yes
sign_method String header Digestion algorithm of signature, HMAC-SHA256 Yes
t Long header 13-digit standard time stamp Yes

Business Interface Description

Signature (sign)

The business-related interface signature generation rules are as follows:
sign = HMAC-SHA256(client_id + access_token + t, secret).toUpperCase()
Uses standard HMAC-SHA256 algorithm. Converts to upper case after generation.

Request Header Settings

Business interface must add the following parameters in header:
Parameter name Type Parameter position Description Required
client_id String header client_id Yes
access_token String header Token obtained through the above authorization Yes
sign String header Signature calculated by business interface signature algorithm Yes
sign_method String header Digestion algorithm of signature, HMAC-SHA256 Yes
t Long header 13-digit standard time stamp Yes
<style> table th:nth-of-type(1){ width: 10%; } table th:nth-of-type(2){ width: 10%; } table th:nth-of-type(3){ width: 10%; } /* … … */ </style>

Simple Mode