Authenticating vCloud Director Object Storage Extension REST API Requests

AWS Signature

vCloud Director Object Storage Extension supports AWS Signature Version 4.

To authenticate vCloud Director Object Storage Extension REST API requests using AWS Signature type, you use security credentials. Security credentials are a pair of an access key and a secret key. vCloud Director Object Storage Extension supports user and application types of security credentials. Users own and manage their security credentials.

With S3 API requests authenticated with user credentials, you can manage all objects owned or shared by the owner of the user credentials. With application credentials, you control the S3 API access at the bucket level.

For more information about creating and working with security credentials, see the Working with Security Credentials topic in the vCloud Director Object Storage Extension User's Guide for Tenant Users.

In vCloud Director Object Storage Extension, only tenant users can own security credentials. To create and use security credentials, your user account requires the tenant administrator role or the tenant user role. For more information, see the Roles and Rights in vCloud Director Object Storage Extension topic in the vCloud Director Object Storage Extension User's Guide for Tenant Users.

For more information about AWS Signature authentication, see the Authenticating Requests (AWS Signature Version 4) topic in the AWS documentation.

vCloud API Session

To authenticate vCloud Director Object Storage Extension REST API requests, you can also use the vCloud API login mechanism of vCloud Director. For more information, see the Create a vCloud API Session topic in the vCloud API Programming Guide for Service Providers.