Initialization

Updated at：2025-10-16

Confirm Endpoint

Before configuring the endpoint for SDK usage, please refer toAPI Service Domain Name in API Reference to understand endpoint-related concepts. Baidu AI Cloud currently supports multiple regions. Please refer toRegion Selection Guide. Corresponding information:

Access region	Endpoint
Beijing	eip.bj.baidubce.com
Guangzhou	eip.gz.baidubce.com
Suzhou	eip.su.baidubce.com
Hong Kong	eip.hkg.baidubce.com
Wuhan	eip.fwh.baidubce.com
Baoding	eip.bd.baidubce.com

Retrieve access key

To use Baidu AI Cloud EIP, users need a valid AK (Access Key ID) and SK (Secret Access Key) for signature certification. AK/SK are system-assigned strings used to identify users and perform signature certification for EIP. Your AK/SK information can be obtained and understood through the following steps: Register a Baidu AI Cloud account Create AK/SK

Create EipClient/EipGroupClient/EipBpClient

The EipClient acts as the client for EipTp services, providing developers with various methods to interact with EIP services.

Create EipClient/EipGroupClient/EipBpClient with AK/SK

Users can refer to the following code to create a client to access Eip with AK/SK:

                Java
                
            

                public class Sample {
    public static void main(String[] args) {
 String ACCESS_KEY_ID =<your-access-key-id>;                   // User’s Access Key ID
 String SECRET_ACCESS_KEY =<your-secret-access-key>;           // User’s Secret Access Key
        
 // Initialize EipClient
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
        EipClient client = new EipClient(config);
        
 // Initialize an EipGroupClient
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
        EipGroupClient client = new EipGroupClient(config);
        
 // Initialize EipBpClient
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY));
        EipBpClient client = new EipGroupClient(config);
    }
}
            

In the code above, ACCESS_KEY_ID corresponds to “Access Key ID” in the console. SECRET_ACCESS_KEY corresponds to “Access Key Secret” in the console. For the method to retrieve them, refer to the Guide - Manage ACCESSKEY.

The method mentioned above uses the default domain name as the service address for EIP. To use a custom domain name, pass the ENDPOINT parameter during configuration.

                Java
                
            

                String ACCESS_KEY_ID =<your-access-key-id>;                   // User’s Access Key ID
 String SECRET_ACCESS_KEY =<your-secret-access-key>;           // User’s Secret Access Key
 String ENDPOINT = <domain-name>;                               // User-defined domain name
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
 config.setEndpoint(ENDPOINT);
 EipClient client = new EipClient(config);
 EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);
            

Note: The ENDPOINT parameter must use region-specific domains (e.g., http://aihc.bj.baidubce.com for Beijing). If unspecified, it defaults to the Beijing region endpoint (http://eip.bj.baidubce.com).

Create EipClient/EipGroupClient/EipBpClient with STS

Request STS Token

EIP allows temporary third-party access authorization using the STS mechanism. STS (Security Token Service) is a temporary authorization service offered by Baidu AI Cloud. With STS, you can issue access credentials with customizable validity periods and permissions to third-party users. These users can then utilize the credentials to directly call Baidu AI Cloud APIs or SDKs to access cloud resources.

To access EIP via STS, users must first request a certification string through the STS client. For instructions on obtaining STS credentials, refer to Baidu AI Cloud STS Usage Guide。

Create EipClient with STS Token

After requesting the STS token, configure it in the EipClient. The following codes demonstrate how to create an EipClient:

                Java
                
            

                public class StsExample {
    private static final String STS_ENDPOINT = "http://sts.bj.baidubce.com";
    private static final String ACCESS_KEY_ID = "your accesskey id";
    private static final String SECRET_ACCESS_KEY = "your secret accesskey";
    public static void main(String[] args) {
        BceCredentials credentials = new DefaultBceCredentials(ACCESS_KEY_ID, SECRET_ACCESS_KEY);
        StsClient client = new StsClient(
                new BceClientConfiguration().withEndpoint(STS_ENDPOINT).withCredentials(credentials)
        );
        GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest());
        // or simply call:
        // GetSessionTokenResponse response = client.getSessionToken();
        // or you can specify limited permissions with ACL:
        // GetSessionTokenResponse response = client.getSessionToken(new GetSessionTokenRequest().withAcl("blabla"));
        // build DefaultBceSessionCredentials object from response:
        BceCredentials eipStsCredentials = new DefaultBceSessionCredentials(
                response.getAccessKeyId(),
                response.getSecretAccessKey(),
                response.getSessionToken());
        System.out.println("==================================");
        System.out.println("GetSessionToken result:");
        System.out.println("    accessKeyId:  " + response.getAccessKeyId());
        System.out.println("    secretAccessKey:  " + response.getSecretAccessKey());
        System.out.println("    securityToken:  " + response.getSessionToken());
        System.out.println("    expiresAt:  " + response.getExpiration().toString());
        System.out.println("==================================");
        // build eip client
        BceClientConfiguration config = new BceClientConfiguration();
        config.setCredentials(eipStsCredentials);
        EipClient eipClient = new EipClient(config);
        EipGroupClient client = new EipGroupClient(config);
        EipBpClient client = new EipBpClient(config);
    }
}
            

Note: Currently, when configuring a client with STS, regardless of where the corresponding EIP service endpoint is located, the endpoint must be set to http://sts.bj.baidubce.com.

Configure HTTPS protocol to access Eip/EipGroup/EipBp

EIP supports HTTPS transport protocol. You can use HTTPS to access the EIP service in the EIP Java SDK in the following two ways:

Specify HTTPS in the endpoint:

                Java
                
            

                 String endpoint = "https://eip.bj.baidubce.com";
 String ak = "ak";
 String sk = "sk";
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ak, sk));
 EipClient client = new EipClient(config);
 EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);
            

Configure HTTPS by calling setProtocol:

                Java
                
            

                 String endpoint = "eip.bj.baidubce.com"; // endpointwithout protocol
 String ak = "ak";
 String sk = "sk";
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ak, sk));
 config.setEndpoint(ENDPOINT);
 config.setProtocol(Protocol.HTTPS); // Defaults to HTTP if unspecified
 EipClient client = new EipClient(config);
 EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);
            

Note: If the endpoint already includes a protocol, the one in endpoint takes effect, and the setProtocol() method will be ignored.

                Java
                
            

                 String endpoint = "http://eip.bj.baidubce.com";
 String ak = "ak";
 String sk = "sk";
 BceClientConfiguration config = new BceClientConfiguration();
 config.setCredentials(new DefaultBceCredentials(ak, sk));
 config.setEndpoint(ENDPOINT);    
 config.setProtocol(Protocol.HTTPS); // Invalid operation if specified in endpoint, applicable to HTTP cases
 EipClient client = new EipClient(config);
 EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);
            

Configure EipClient/EipGroupClient/EipBpClient

To configure specific parameters for the EipClient, pass a BceClientConfiguration object during initialization. This enables you to adjust proxy settings, maximum connections, and other network parameters.

Use a proxy

The following code snippet enables the client to access EIP service using a proxy:

                Java
                
            

                String ACCESS_KEY_ID =<your-access-key-id>;                   // User’s Access Key ID
 String SECRET_ACCESS_KEY =<your-secret-access-key>;           // User’s Secret Access Key
 String ENDPOINT = <domain-name>;                               // User-defined domain name
 // Create BceClientConfiguration instance
 BceClientConfiguration config = new BceClientConfiguration();
 // Configure proxy to local port 8080
 config.setProxyHost("127.0.0.1");
 config.setProxyPort(8080);
 // Create EIP client
 config.setCredentials(new DefaultBceCredentials(ACCESS_KEY_ID,SECRET_ACCESS_KEY));
 config.setEndpoint(ENDPOINT);
 EipClient client = new EipClient(config);
 EipGroupClient client = new EipGroupClient(config);
 EipBpClient client = new EipBpClient(config);
            

All client requests will then be routed through the proxy at 127.0.0.1:8080.

For verified proxies, configure credentials:

Plain Text

1// Create BceClientConfiguration instance
2 BceClientConfiguration config = new BceClientConfiguration();
3    
4 // Configure proxy to local port 8080
5 config.setProxyHost("127.0.0.1");
6 config.setProxyPort(8080);
7    
8 // Set username and password
9 config.setProxyUsername(<username>);                             // Username
10 config.setProxyPassword(<password>);                             // Password

Set network parameters

Users may set the basic network parameters with BceClientConfiguration:

                Java
                
                BceClientConfiguration config = new BceClientConfiguration();
    
 // Set maximum number of HTTP connections to 10
config.setMaxConnections(10);
    
 // Set TCP connection timeout to 5,000 milliseconds
config.setConnectionTimeout(5000);
    
 // Set timeout for Socket data transmission to 2,000 milliseconds
config.setSocketTimeout(2000);

Parameter description The following parameters can be configured via BceClientConfiguration:

Parameters	Description
UserAgent	User agent, refers to HTTP’s User-Agent header
Protocol	Connection protocol type
ProxyDomain	Windows domain for NTLM-verified proxy
ProxyHost	Proxy server host address
ProxyPort	Proxy server port
ProxyUsername	Proxy verification username
ProxyPassword	Proxy verification password
ProxyPreemptiveAuthenticationEnabled	Enable user agent verification or not
ProxyWorkstation	NTLM proxy workstation name
LocalAddress	Local address
ConnectionTimeoutInMillis	Timeout for establishing TCP connections (unit: ms)
SocketTimeoutInMillis	Timeout for socket data transmission (unit: ms)
MaxConnections	Maximum allowable HTTP connections
RetryPolicy	Retry policy for connections
SocketBufferSizeInBytes	Buffer size for socket operations

Exception handling

Install the SDK Package