Service endpoint

Production Server

Request headers

Header Value Description
Content-Type application/json  
Accept application/json  
X-AppId Application ID or Project ID  
X-TimeStamp Request time in UTC format For example: 2010-01-31T23:59:59Z.  (for more information, go to
Authorization  Signature Token  Check Authentication section below


Request body

    Optional Description
languageCode   Required  
audio   Required Audio file in Base64 format
config codec Optional AMR_WB, OPUS. If not specified, AMR_WB will be used.
sampleRateHertz Optional only 16000 support for now
userId   Optional Unique User ID. userId should not be longer than 32 chars.
profanityFilter   Optional 1 to turn profanity filter on. If not specified, it is off.

Sample Request**

  "languageCode": "zh-CN",
  "config": {
   	"codec": "OPUS",
   	"sampleRateHertz": 16000



Requests to Speech Recognition API must be signed - that is, they must include information that Speech Recognition API can use to authenticate the requestor. Requests are signed using the appId and secretKey which are issued to your application.  To sign a request, you use some values from the request, and your secret key to create a signed hash - this is the signature. You can then add the signature to the request using the HTTP Authorization header. 

How to Generate a Signature for a Request to Speech Recognition API

  1. Create the canonicalized query string that you need later in this procedure:

    1. SHA256 digest of the query body, normally it will be a JSON string.

    2. Convert the digest bytes to HEX string

  2. Create the string to sign according to the following pseudo-grammar (the “\n” represents an ASCII newline character).

StringToSign = HTTPMethod + "\n" + 
               HostHeaderInLowercase + "\n" + 
               HTTPRequestURI + "\n" + 
               CanonicalizedQueryString <from the preceding step> + "\n" +
               "X-AppId:" + SAME_APPID_IN_HEADER + "\n" + 
               "X-TimeStamp:" + SAME_TIMESTAMP_IN_HEADER
  1. The HTTPRequestURI component is the HTTP absolute path component of the URI up to, but not including, the query string. If the HTTPRequestURI is empty, use a forward slash ( / ).

  2. Calculate an RFC 2104-compliant HMAC with the string you just created, your Secret Key as the key, and SHA256  as the hash algorithm. For more information, see

  3. Convert the resulting value to base64.

  4. Use the resulting value as the value of the Authorization HTTP header.

  Important The final signature you send in the request must be URL encoded as specified in RFC 3986 (for more information, see If your toolkit URL encodes your final request, then it handles the required URL encoding of the signature. If your toolkit doesn’t URL encode the final request, then make sure to URL encode the signature before you include it in the request. Most importantly, make sure the signature is URL encoded only once. A common mistake is to URL encode it manually during signature formation, and then again when the toolkit URL encodes the entire request. Some toolkits implement RFC 1738, which has different rules than RFC 3986 (for more information, go to  

Response body

errorCode   0 if successful
errorMessage   error message if errorCode is not 0
transcript languageCode  
text Recognized text from audio
duration duration of the audio in ms


Sample Response**

    "errorCode": 0,
    "transcript": {
        "languageCode": "zh-CN",
        "text": "杭州822路公交车经过站点。",
        "confidence": 0.0,
        "duration": 4881.770833333333

Error Code

HTTP Status Code Message
200 0 no message
429 1104 Out of Rate Limit
429 1105 Out of Quotas
405 1004 Method Not Allowed
411 1007 Not Content Length
400 1002 API Not Found
400 1003 Bad Request
400 2000 Missing Parameter
400 2001 Invalid Parameter
400 2002 Invalid Request
400 2102 Input Too Long
401 1102 Unauthorized Client
401 1106 Missing Access Token
401 1107 Invalid Token
401 1108 Expired Token
401 1110 Invalid Client
401 2000 Missing Parameter
401 2001 Invalid Parameter