When you use API Gateway to send requests to underlying services, the requests must be signed using the AK and SK.
AK is a unique identifier that is associated with a secret access key; the access key ID and secret access key are used together to sign requests cryptographically.
SK is a key that is used in conjunction with an access key ID to cryptographically sign requests. Signing a request identifies the sender and prevents the request from being altered.
The following AK/SK authentication process applies if you apply for an AK/SK to call APIs for the first time or if the cached AK/SK and token are expired (the default validity period is 15 minutes).
The following AK/SK authentication process applies if an AK/SK and a token have been cached and are not expired.