Authentication

Top / Developers / Authentication

This page is automatically translated.

About authentication

Currently only BASIC certification is available for authentication.

Authentication of WebDAV accessBASIC authentication
REST APIIn addition to BASIC authentication, API-KEY is mandatory (see below)

BASIC certification

For all access, SSL (TLS v1.2 or later) is required.

User ID and password can be authenticated in the following way.

BASIC certification
A method using HTTP Request Header, Authorization:. Both preemptive mode and nonpreemptive mode are supported.

Authentication required area

In the WebDAV area, the following paths of each node server are subject to BASIC authentication.

Apart from a part, the REST API becomes essential for basic authentication.

(※) Authentication method other than BASIC authentication

Currently, most WebDAV clients are compatible with BASIC authentication, but it can not be said that it is sufficient as a future authentication method.

For example, when using the WebDAV client application, it is necessary for the user to register his / her ID and password in the client application without fail. In the case of TeraCLOUD, this ID and password are the same as the login of TeraCLOUD itself, so application developers need to be careful about the ID and password storage area.

Therefore, future TeraCLOUD plans to correspond to OpenID Connect (OAuth 2) and optional BASIC authentication (functions that each user needs to make effective).

Credential required for REST API access

In order to access the REST API, we need two credentials. When these two are conforming and correct, the API becomes available for the first time.

User ID, password
What determines the user. It is used for BASIC certification etc. It is the same format as authentication with ordinary WebDAV.
API KEY
A unique key determined for each application. It is used for labeling.

Acquisition of API KEY

Applications are required for API KEY, and application developers can apply from the corresponding application registration request form.

Although some review is done, any developer, such as a corporation, individual, open source, etc., can be used.

Technically speaking, API KEY needs to be filled in the application side, so it can not be actually protected. If it is an open source etc., it is thought that it may be committed to github etc, so this API KEY can be regarded as a mechanism for gaining application as a gentlemanly agreement to the last.

In the future, based on the offer from the application developer, it is planned to invalidate the API KEY and implement the invalidation function of the API key specific to each user individually.

How to give API KEY

API KEY needs to be sent in one of the following ways.

Method to send with HTTP Request Header

Method to send with MatrixParam

Since the REST Interface of TeraCLOUD is communication only with HTTPS, it does not need a special REST Client stack. However, because the easy access method is considered to be different depending on the language to be used, the library stack, and the application programmer's development method, at the moment it is possible to choose access by the above two methods.

Other information

Format of API KEY
Send 128 bits in hexadecimal, uppercase BINHEX.
Validity period
That request only.