Top / Developers / Authentication

This page is automatically translated.

About authentication

Basically, credentials are secured by single sign-on with OAUTH2, but for compatibility or ease of application support, some APIs can use BASIC authentication.

The relationship between certification required areas and resources

In addition to the credentials issued by OAUTH2, a different API-KEY is required for each application(see below)
api.teracloud.jpの、/ba/user/In addition to BASIC authentication (*), API-KEY is required.
WebDAVアクセスAuthorization for /dav/ and /backup/BASIC authentication (*)
As of May 2020, access to /dav/ using BASIC authentication is possible for all users. In the future, only new users will be able to access /dav/ with BASIC authentication unless they enable it in MyPage.
WebDAVアクセスAuthorization for /v2/dav/Credentials issued by OAUTH2

Authentication required area

In the WebDAV area, the following paths of each node server are subject to BASIC authentication.

REST API, with some exceptions, in principle, authentication is mandatory.

Authentication Method

Certification by OAUTH2

To be published separately.

BASIC authentication (*)


All access must be SSL (TLS v1.2 or later) and therefore does not support Digest-type BASIC authentication.

BASIC authentication

Method using HTTP's Request Header, Authorization:, which can be in both preemptive and non-preemptive mode.


The ID is the same as the one you use to login to TeraCLOUD.


As of May 2020, the password is the same as the one used to login to TeraCLOUD.In the future, BASIC authentication will be turned off by default for new users and must be enabled in MyPage. At this time, the password for BASIC authentication will be randomly issued by the system.

Credential required for REST API access

In order to access the REST API, we need two credentials. When these two are conforming and correct, the API becomes available for the first time.

User ID, password
What determines the user. It is used for BASIC certification etc. It is the same format as authentication with ordinary WebDAV.
A unique key determined for each application. It is used for labeling.

Acquisition of API KEY

Applications are required for API KEY, and application developers can apply from the corresponding application registration request form.

Although some review is done, any developer, such as a corporation, individual, open source, etc., can be used.

Technically speaking, API KEY needs to be filled in the application side, so it can not be actually protected. If it is an open source etc., it is thought that it may be committed to github etc, so this API KEY can be regarded as a mechanism for gaining application as a gentlemanly agreement to the last.

In the future, based on the offer from the application developer, it is planned to invalidate the API KEY and implement the invalidation function of the API key specific to each user individually.

How to give API KEY

API KEY needs to be sent in one of the following ways.

Method to send with HTTP Request Header

Method to send with MatrixParam

Since the REST Interface of TeraCLOUD is communication only with HTTPS, it does not need a special REST Client stack. However, because the easy access method is considered to be different depending on the language to be used, the library stack, and the application programmer's development method, at the moment it is possible to choose access by the above two methods.

Other information

Format of API KEY
Send 128 bits in hexadecimal, uppercase BINHEX.
Validity period
That request only.